Skip to content

Fix cache invalidation bug for Forge key scope updates #11

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
wilsonccccc merged 2 commits into from
Jul 15, 2025
Merged

Fix cache invalidation bug for Forge key scope updates #11

wilsonccccc merged 2 commits into from
Jul 15, 2025

Conversation

@Dokujaa
Copy link
Contributor

@Dokujaa Dokujaa commented Jul 15, 2025

Problem

Fixes issue #8 where newly added providers were not immediately reflected in Forge key permissions. Users had to wait for the 5-minute cache expiry before seeing updated provider lists.

Root Cause

Cache key format mismatch between cache setting and invalidation operations:

  • Cache setting (get_user_by_api_key): uses stripped key format forge_scope:abc123
  • Cache invalidation: was using full key format forge_scope:forge-abc123

This resulted in cache invalidation calls targeting non-existent cache entries.

Solution

  • Fix cache key format consistency in invalidate_forge_scope_cache() and async variant
  • Strip "forge-" prefix during invalidation to match cache setting format
  • Add cache invalidation calls to API routes for scope updates, key deletion, and regeneration
  • Include comprehensive unit tests covering edge cases and async functionality

All the tests I ran passed, let me know if there are issues still.

Fixes #8

Dokujaa added 2 commits July 14, 2025 22:17
@Dokujaa
Fix cache invalidation bug for Forge key scope updates
934cf96 
- Fix cache key format mismatch in invalidate_forge_scope_cache()
- Ensure cache invalidation uses same key format as cache setting
- Add comprehensive unit tests for cache invalidation behavior

Fixes TensorBlock#8
@Dokujaa
Fix cache invalidation bug for Forge key scope updates
9fd50a4 
- Fix cache key format mismatch in invalidate_forge_scope_cache()
- Apply same fix to async version
- Add comprehensive unit tests with 7 test cases
- Follow project code style guidelines

Fixes TensorBlock#8
@lingtonglu
Copy link
Contributor

lingtonglu commented Jul 15, 2025

Looks good to me. Cloned to my local and validate that it's working correctly. Good work 👍

@wilsonccccc wilsonccccc self-requested a review July 15, 2025 06:46
@wilsonccccc
Copy link
Contributor

wilsonccccc commented Jul 15, 2025

Thanks for the contribution — it's a solid fix. Especially appreciate catching the bug where the cache key was missing the "forge-" prefix. This issue originated from [this line](

forge/app/api/dependencies.py

Line 161 in c2030af

api_key = api_key_from_header[6:]
), where we had previously removed the checksum logic during the process of open-sourcing the repo. That original checksum logic calculated the hash using just the key value (without the "forge-" prefix) to reduce the risk of hash collisions.

@wilsonccccc wilsonccccc merged commit cdc7b0f into TensorBlock:main Jul 15, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wilsonccccc wilsonccccc wilsonccccc approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug] Newly added provider not reflected in allowed provider list for Forge key

3 participants

@Dokujaa @lingtonglu @wilsonccccc