Login is usually a synchronous process. Using a queue is not impossible, but it will increase complexity.
The synchronous login process is to read the database, determine the correct account and password, and set up the session, which can be completed in one HTTP request.
Changing to asynchronous, I can only think of the following method:
Client generates random token
The client sends the token, account number, and password to the server
The server records this token in redis and has not logged in successfully
The server puts the token, account, and password into the queue for processing
Queue processing, if the account is correct, the token in redis is marked as successful, otherwise it is marked as failure
During the process of server and queue processing, the client keeps using another interface to poll to see if the token login is successful. If successful, all subsequent requests will bring the token, otherwise the client login fails.
So the synchronous login process should be completed as soon as possible, and some operations required after login (sending email notifications, etc.) should be queued instead of the entire login process.
Login is usually a synchronous process. Using a queue is not impossible, but it will increase complexity.
The synchronous login process is to read the database, determine the correct account and password, and set up the session, which can be completed in one HTTP request.
Changing to asynchronous, I can only think of the following method:
Client generates random token
The client sends the token, account number, and password to the server
The server records this token in redis and has not logged in successfully
The server puts the token, account, and password into the queue for processing
Queue processing, if the account is correct, the token in redis is marked as successful, otherwise it is marked as failure
During the process of server and queue processing, the client keeps using another interface to poll to see if the token login is successful. If successful, all subsequent requests will bring the token, otherwise the client login fails.
So the synchronous login process should be completed as soon as possible, and some operations required after login (sending email notifications, etc.) should be queued instead of the entire login process.