omniphx / forrest

A Laravel library for Salesforce
https://omniphx.github.io/forrest/
MIT License
259 stars 120 forks source link

Does authenticate() counts as regular API call in Salesforce's counter? #216

Open stzahi opened 5 years ago

stzahi commented 5 years ago

I have a very simple app that sends 2 queries API calls in order to initialize itself. After initializing it, waiting a few minutes and refreshing Salesforce's system overview dashboard, I can detect that the API calls counter has been raised by 3. After dumping data from your library I can see that before sending my queries, there were 2 HTTP calls to SF. The first one to: https://abcd.my.salesforce.com/services/data (Got an array of SF versions in response) The second one to: https://abcd.my.salesforce.com/services/data/v46.0 (Got an array of API methods , apparently related to my user's previliges I guess)

I assume that both of them happens in the authenticate method. Does any of them registered as an API call for Salesforce? In case they are, Is there any way to disable them? I'm very short on API calls.

Thank you very much! Tzahi.

omniphx commented 5 years ago

Hi @stzahi, you should be able to cut out the API version call if you manually configure a version. That request is only made if one is not configured.

For the second "resources" request, that response should persist in either as a session or cache in your application. So it should only be a one-time call.

If you wanted to avoid it altogether, you could probably use Session:set() or Cache::set() to store pre-configured resources which is just an array of available API callouts

stzahi commented 5 years ago

Thank you @omniphx , I have another question. Does authenticate() method generates a new SF token and disables any older tokens? That means that if I use it in the entrance to my controller, and a customer in my website is processing sime API calls to SF, If another customer enters concurrently, will he break the first customer's token?

omniphx commented 5 years ago

Each customer will have their own unique application token which they can use to connect to your Salesforce org. So there should be no issues with race conditions