
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
@fastify/caching
Advanced tools
A plugin for Fastify to enable management of cache control headers
@fastify/caching is a plugin for the Fastify framework that provides server-side caching and mechanisms for manipulating HTTP cache headers according to RFC 2616 §14.9.
This plugin fully supports Fastify's encapsulation. Therefore, routes that should have differing cache settings should be registered within different contexts.
In addition to providing header manipulation, the plugin also decorates the server instance with an object that can be used for caching items. Note: the default cache should not be used in a "production" environment. It is an LRU, in-memory cache that is capped at 100,000 items. It is highly recommended that a full-featured cache object be supplied, e.g. abstract-cache-redis.
npm i @fastify/caching
Plugin version | Fastify version |
---|---|
^9.x | ^5.x |
^8.x | ^4.x |
^6.x | ^3.x |
^4.x | ^2.x |
^1.x | ^1.x |
Please note that if a Fastify version is out of support, then so are the corresponding versions of this plugin in the table above. See Fastify's LTS policy for more details.
This example shows using the plugin to disable client-side caching of all routes.
const http = require('node:http')
const fastify = require('fastify')()
const fastifyCaching = require('@fastify/caching')
fastify.register(
fastifyCaching,
{privacy: fastifyCaching.privacy.NOCACHE},
(err) => { if (err) throw err }
)
fastify.get('/', (req, reply) => {
reply.send({hello: 'world'})
})
fastify.listen({ port: 3000 }, (err) => {
if (err) throw err
http.get('http://127.0.0.1:3000/', (res) => {
console.log(res.headers['cache-control'])
})
})
This example shows how to register the plugin such that it only provides a server-local cache. It will not set any cache control headers on responses. It also shows how to retain a reference to the cache object so that it can be re-used.
const IORedis = require('ioredis')
const redis = new IORedis({host: '127.0.0.1'})
const abcache = require('abstract-cache')({
useAwait: false,
driver: {
name: 'abstract-cache-redis', // must be installed via `npm i`
options: {client: redis}
}
})
const fastify = require('fastify')()
fastify
.register(require('@fastify/redis'), {client: redis})
.register(require('@fastify/caching'), {cache: abcache})
fastify.get('/', (req, reply) => {
fastify.cache.set('hello', {hello: 'world'}, 10000, (err) => {
if (err) return reply.send(err)
reply.send({hello: 'world'})
})
})
fastify.listen({ port: 3000 }, (err) => {
if (err) throw err
})
@fastify/caching accepts the options object:
{
privacy: 'value',
expiresIn: 300,
cache: {get, set},
cacheSegment: 'segment-name'
}
privacy
(Default: undefined
): can be set to any string that is valid
for a cache-response-directive as defined by RFC 2616.expiresIn
(Default: undefined
): a value, in seconds, for the max-age the
resource may be cached. When this is set, and privacy
is not set to no-cache
,
then ', max-age=<value>'
will be appended to the cache-control
header.cache
(Default: abstract-cache.memclient
): an abstract-cache
protocol-compliant cache object. Note: the plugin requires a cache instance to
properly support the ETag mechanism. Therefore, if a falsy value is supplied
the default will be used.cacheSegment
(Default: '@fastify/caching'
): segment identifier to use when
communicating with the cache.serverExpiresIn
(Default: undefined
): a value, in seconds, for the length of time the resource is fresh and may be held in a shared cache (e.g. a CDN). Shared caches will ignore max-age when this is specified, though browsers will continue to use max-age. Should be used with expiresIn, not in place of it. When this is set, and privacy
is set to public
, then ', s-maxage=<value>'
will be appended to the cache-control
header.reply.etag(string, number)
This method allows setting of the etag
header. It accepts any arbitrary
string. Be sure to supply a string that is valid for HTTP headers.
If a tag string is not supplied then uid-safe will be used to generate a tag. This operation will be performed synchronously. It is recommended to always supply a value to this method to avoid this operation.
All incoming requests to paths affected by this plugin will be inspected for
the if-none-match
header. If the header is present, the value will be used
to lookup the tag within the cache associated with this plugin. If the tag is
found, then the response will end with a 304 status code sent to
the client.
Tags will be cached according to the second parameter. If the second parameter
is supplied, and it is an integer, then it will be used as the time to cache
the etag for generating 304 responses. The time must be specified in
milliseconds. The default lifetime, when the parameter is not specified, is
3600000
.
reply.expires(date)
This method allows setting of the expires
header. It accepts a regular Date
object or a string that is a valid date string according to
RFC 2616 §14.21.
Licensed under MIT.
FAQs
A plugin for Fastify to enable management of cache control headers
The npm package @fastify/caching receives a total of 0 weekly downloads. As such, @fastify/caching popularity was classified as not popular.
We found that @fastify/caching demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.