Suggested changes

stytchauth · Dec 8, 2023 · 35b2d06 · 35b2d06
1 parent 6a1407f
commit 35b2d06
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 10 deletions.
diff --git a/stytch/b2b/rbac.go b/stytch/b2b/rbac.go
@@ -48,18 +48,14 @@ type PolicyCache struct {
 	lastUpdatedAt time.Time
 }
 
-const refreshCadence = 300 * time.Second
+const refreshCadence = 5 * time.Minute
 
 func NewPolicyCache(rbacClient *RBACClient) *PolicyCache {
 	return &PolicyCache{rbacClient: rbacClient}
 }
 
-func (pc *PolicyCache) shouldRefreshPolicy() bool {
-	return time.Since(pc.lastUpdatedAt) > refreshCadence
-}
-
 func (pc *PolicyCache) Get(ctx context.Context) (*rbac.Policy, error) {
-	if pc.policy == nil || pc.shouldRefreshPolicy() {
+	if pc.policy == nil || time.Since(pc.lastUpdatedAt) > refreshCadence {
 		policyResp, err := pc.rbacClient.Policy(ctx, &rbac.PolicyParams{})
 		if err != nil {
 			return nil, err

diff --git a/stytch/b2b/sessions.go b/stytch/b2b/sessions.go
@@ -342,11 +342,11 @@ func (c *SessionsClient) AuthenticateJWTLocal(
 		if err != nil {
 			return nil, fmt.Errorf("failed to get cached policy: %w", err)
 		}
-	}
 
-	err = shared.PerformAuthorizationCheck(policy, claims.Roles, memberSession.OrganizationID, authorizationCheck)
-	if err != nil {
-		return nil, err
+		err = shared.PerformAuthorizationCheck(policy, claims.Roles, memberSession.OrganizationID, authorizationCheck)
+		if err != nil {
+			return nil, err
+		}
 	}
 
 	return memberSession, nil