auth0 provides authorization to allow a third party service to retrieve your data from the main application. Reminder: authorization is about access to the system, authentication is about proof of ownership of a resource. For example: you, as a developer, want to enable users to import their Google calendar into some application. The question arises how to do this, because only you can access all events in your calendar after authorization. …
Like all good stories, this one also has been started with fuck up on production. Once we started receiving randomly failed jobs, their processes were killed by our service. It was because of the bad request below:
targeting_strategies.single.that_are_archived.where('ip_addresses = ?, true).present? && ip_addresses.present?
A little spoiled: the problem was in
The problem was in IpAddresses table: for that moment it had more than 2 million records and the usual time for this request was more than 30 minutes. …