I am using passport and the passport-facebook-token strategy to secure my Strongllop Loopback API.
Now it seems to me, that every request I sent is actually validating the access_token against the Facebook graph api.
curl -X GET http://localhost:3000/api/events?access_token=BAADku6Ci3nUBAMI4xyqr45vZBtbiySVZBwdH4ph3qu8ukqJkSxalfCvnGiqqk6oX3p6NHQfNamgalANhZCp4wDIwBKXXaVzzH6xPxGzxKp656M64wsqupMdixZBk0p2KZAioZBZB7e2fqop5pFfWBWyamwEcBwHyMMZD
Hence the response time of my node api goes up from < 10ms to 200-800ms...
Is there any way to cache these requests?
I found the answer to my questions in this post:
Why is passport.serializeUser executed on each request?
Check it out :)