payloadcms / payload

Payload is the open-source, fullstack Next.js framework, giving you instant backend superpowers. Get a full TypeScript backend and admin panel instantly. Use Payload as a headless CMS or for building powerful applications.
https://payloadcms.com
MIT License

User collection query has limit set to 10 for a single item fetch #7075

Open vibhor-web-headout opened 1 month ago

vibhor-web-headout commented 1 month ago

Link to reproduction

No response

Describe the Bug

The following is the query passed to the DB adapter from the flow in the file at the following link:

https://github.com/payloadcms/payload/blob/ae7d6f97d205491390f15850e5104c7abded1550/packages/payload/src/auth/strategies/apiKey.ts#L41

{"collection":"users","locale":"en","where":{"and":[{"apiKeyIndex":{"equals":"my-api-key-index"}}]},"limit":10,"pagination":true,"page":1}

The limit: 10 causes it to do a full collection scan, and later, once the query is resolved, Payload only refers to the first item in the result. CMIIW, apiKeyIndex is supposed to be unique for each API-Key, right? If so, the limit should be 1.

To Reproduce

Any API call with payload-token in its cookie would trigger this flow.

Payload Version

2.22.0

Adapters and Plugins

No response

vibhor-web-headout commented 1 month ago

Another thing to add. apiKeyIndex is not an indexed field per the schema.

During load testing, we observed that the first request takes a decent amount of time (compared to the successive ones). The query with apiKeyIndex would take longer at first, and the same query later took significantly less time. I guess that the DB cached that query internally.

Have you considered indexing that key, since authentication makes a query upon that field every time?

jmikrut commented 3 weeks ago

Hey @vibhor-web-headout — good catches. We will index the apiKeyIndex (wow) and also limit the documents to 1. Can also set pagination: false because that's also unnecessary within that find operation.

These changes should be made to v2 and v3.
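
The scan cost discussed in this thread, as an added illustration that is not part of the issue or of Payload's code: a toy in-memory collection that counts the documents examined when looking up a unique `apiKeyIndex` with limit 10, with limit 1, and through an index. The data is constructed, and `buildUsers`, `scanFind`, `buildIndex` and `indexedFind` are hypothetical names, not Payload or database-adapter APIs.

```typescript
// Added illustration, not Payload code: a toy collection scan that counts
// how many documents have to be examined for one API-key lookup.
type UserDoc = { id: number; apiKeyIndex: string };
type KeyIndex = { [key: string]: number | undefined };

// Constructed sample data: n users, each with a unique apiKeyIndex.
function buildUsers(n: number): UserDoc[] {
  const users: UserDoc[] = [];
  for (let i = 0; i < n; i++) users.push({ id: i, apiKeyIndex: "idx-" + i });
  return users;
}

// Unindexed find: walk documents in order and stop only once `limit`
// matches are collected. With a unique key, a limit above 1 is never reached.
function scanFind(users: UserDoc[], key: string, limit: number) {
  const docs: UserDoc[] = [];
  let examined = 0;
  for (let i = 0; i < users.length && docs.length < limit; i++) {
    examined++;
    if (users[i].apiKeyIndex === key) docs.push(users[i]);
  }
  return { docs, examined };
}

// A lookup table from apiKeyIndex to position stands in for a database index.
function buildIndex(users: UserDoc[]): KeyIndex {
  const index: KeyIndex = {};
  for (let i = 0; i < users.length; i++) index[users[i].apiKeyIndex] = i;
  return index;
}

// Indexed find: go straight to the matching document, if there is one.
function indexedFind(users: UserDoc[], index: KeyIndex, key: string) {
  const pos = index[key];
  const docs: UserDoc[] = pos === undefined ? [] : [users[pos]];
  return { docs, examined: docs.length };
}

const sampleUsers = buildUsers(100000);
const sampleKey = "idx-25000";
const withLimit10 = scanFind(sampleUsers, sampleKey, 10);
const withLimit1 = scanFind(sampleUsers, sampleKey, 1);
const withIndex = indexedFind(sampleUsers, buildIndex(sampleUsers), sampleKey);
console.log(withLimit10.examined, withLimit1.examined, withIndex.examined);
```

Limit 1 only helps when the key exists, because the scan stops at the first match; a lookup for a key that is not in the collection still walks every document unless the field is indexed.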