From 423dc89c943b1d10011df2a533f76ac7fd56b3f9 Mon Sep 17 00:00:00 2001
From: Garfield <garfield@fetcherpay.com>
Date: Sun, 17 May 2026 20:02:02 -0400
Subject: [PATCH] perf(oauth): Redis-cache getTokenCustomer to eliminate
 uncached DB hit on every ChatGPT API call

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 hermes-k8s.yaml | 2 +-
 src/oauth.ts    | 9 ++++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/hermes-k8s.yaml b/hermes-k8s.yaml
index 1c7ced5..bfa8488 100644
--- a/hermes-k8s.yaml
+++ b/hermes-k8s.yaml
@@ -22,7 +22,7 @@ spec:
         fsGroup: 1000
       containers:
         - name: hermes-mcp
-          image: localhost:32000/hermes-mcp@sha256:0132eade2173eae3428a24757d2228253acf3f924f7a6c7a061f088e8d0dc891
+          image: localhost:32000/hermes-mcp@sha256:c65ffbbf87a8741c1c9d79e1b39be735535871a9968c680c2c8ff3fb108acfb0
           imagePullPolicy: Always
           securityContext:
             allowPrivilegeEscalation: false
diff --git a/src/oauth.ts b/src/oauth.ts
index 369491a..ad9151f 100644
--- a/src/oauth.ts
+++ b/src/oauth.ts
@@ -1,6 +1,7 @@
 import crypto from 'crypto';
 import type { RowDataPacket } from 'mysql2/promise';
 import { getPool, isPoolReady } from './db.js';
+import redis from './redis.js';
 
 const AUTH_CODE_EXPIRY_MS = 10 * 60 * 1000; // 10 minutes
 const TOKEN_EXPIRY_MS = 24 * 60 * 60 * 1000; // 24 hours
@@ -298,13 +299,19 @@ export async function validateAccessToken(tokenValue: string): Promise<boolean>
 
 export async function getTokenCustomer(tokenValue: string): Promise<{ customerId: string } | null> {
   try {
+    const cacheKey = `oauth:token:${tokenValue}`;
+    const cached = await redis.get(cacheKey);
+    if (cached) return { customerId: cached };
+
     const pool = getPool();
     const [rows] = await pool.execute<RowDataPacket[]>(
       'SELECT customer_id FROM oauth_tokens WHERE token = ? AND expires_at > NOW()',
       [tokenValue]
     );
     if (!Array.isArray(rows) || rows.length === 0 || !rows[0].customer_id) return null;
-    return { customerId: rows[0].customer_id as string };
+    const customerId = rows[0].customer_id as string;
+    await redis.setEx(cacheKey, 60, customerId);
+    return { customerId };
   } catch (err) {
     console.error('[oauth] getTokenCustomer error:', err);
     return null;