josedev999
commented
4 years ago @ZaidWaseem10 I think it is matter of how you put middlewares in order. You need to put authorization middleware in front of cache middleware.
Open ZaidWaseem10 opened 4 years ago
josedev999
commented
4 years ago @ZaidWaseem10 I think it is matter of how you put middlewares in order. You need to put authorization middleware in front of cache middleware.
I have an API KEY header with each request. Generally whats happening is that if the first request has correct api key, the response will be cached. Now if anyone makes a request to the same endpoint without correct api key, the cache will also be served. It fails the security measures taken for the endpoint. Is there any way to validate API-KEY in each and every request? even though the response is cached.