From c269a987d5305bd5efc20a15a15b2f7867840dd4 Mon Sep 17 00:00:00 2001 From: Simon Gow Date: Wed, 19 Sep 2018 14:53:12 +1200 Subject: [PATCH] Performance issues with BasicAuth and LoginAttempts Two functions interact with the LoginAttempt object which when used in conjunction with BasicAuth result in significant performance degradation over time, as the LoginAttempts Table fills. This fix adds an index to the lookup column EmailHashed and removes the Email filter part of getByEmail() so it can use the index resulting in a much faster query. For more information see https://github.com/silverstripe/silverstripe-framework/issues/8389 --- src/Security/LoginAttempt.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/Security/LoginAttempt.php b/src/Security/LoginAttempt.php index 1a2b68939..832764a51 100644 --- a/src/Security/LoginAttempt.php +++ b/src/Security/LoginAttempt.php @@ -46,6 +46,10 @@ class LoginAttempt extends DataObject 'Member' => Member::class, // only linked if the member actually exists ); + private static $indexes = array( + "EmailHashed" => true + ); + private static $table_name = "LoginAttempt"; /** @@ -86,7 +90,6 @@ class LoginAttempt extends DataObject public static function getByEmail($email) { return static::get()->filterAny(array( - 'Email' => $email, 'EmailHashed' => sha1($email), )); }