⚡️ Speed up function get_auth_service by 279% in PR #11654 (feat/pluggable-auth-service-1.8)#11659
Closed
codeflash-ai[bot] wants to merge 2 commits into
Closed
⚡️ Speed up function get_auth_service by 279% in PR #11654 (feat/pluggable-auth-service-1.8)#11659codeflash-ai[bot] wants to merge 2 commits into
get_auth_service by 279% in PR #11654 (feat/pluggable-auth-service-1.8)#11659codeflash-ai[bot] wants to merge 2 commits into
Conversation
* feat: Introduce service registration decorator and enhance ServiceManager for pluggable service discovery
- Added `register_service` decorator to allow services to self-register with the ServiceManager.
- Enhanced `ServiceManager` to support multiple service discovery mechanisms, including decorator-based registration, config files, and entry points.
- Implemented methods for direct service class registration and plugin discovery from various sources, improving flexibility and extensibility of service management.
* feat: Implement VariableService for managing environment variables
- Introduced VariableService class to handle environment variables with in-memory caching.
- Added methods for getting, setting, deleting, and listing variables.
- Included logging for service initialization and variable operations.
- Created an __init__.py file to expose VariableService in the package namespace.
* feat: Enhance LocalStorageService with Service integration and async teardown
- Updated LocalStorageService to inherit from both StorageService and Service for improved functionality.
- Added a name attribute for service identification.
- Implemented an async teardown method for future extensibility, even though no cleanup is currently needed.
- Refactored the constructor to ensure proper initialization of both parent classes.
* feat: Implement telemetry service with abstract base class and minimal logging functionality
- Added `BaseTelemetryService` as an abstract base class defining the interface for telemetry services.
- Introduced `TelemetryService`, a lightweight implementation that logs telemetry events without sending data.
- Created `__init__.py` to expose the telemetry service in the package namespace.
- Ensured robust async methods for logging various telemetry events and handling exceptions.
* feat: Introduce BaseTracingService and implement minimal TracingService
- Added `BaseTracingService` as an abstract base class defining the interface for tracing services.
- Implemented `TracingService`, a lightweight version that logs trace events without external integrations.
- Included async methods for starting and ending traces, tracing components, and managing logs and outputs.
- Enhanced documentation for clarity on method usage and parameters.
* feat: Add unit tests for service registration decorators
- Introduced a new test suite for validating the functionality of the @register_service decorator.
- Implemented tests for various service types including LocalStorageService, TelemetryService, and TracingService.
- Verified behavior for service registration with and without overrides, ensuring correct service management.
- Included tests for custom service implementations and preservation of class functionality.
- Enhanced overall test coverage for the service registration mechanism.
* feat: Add comprehensive unit and integration tests for ServiceManager
- Introduced a suite of unit tests covering edge cases for service registration, lifecycle management, and dependency resolution.
- Implemented integration tests to validate service loading from configuration files and environment variables.
- Enhanced test coverage for various service types including LocalStorageService, TelemetryService, and VariableService.
- Verified behavior for service registration with and without overrides, ensuring correct service management.
- Ensured robust handling of error conditions and edge cases in service creation and configuration parsing.
* feat: Add unit and integration tests for minimal service implementations
- Introduced comprehensive unit tests for LocalStorageService, TelemetryService, TracingService, and VariableService.
- Implemented integration tests to validate the interaction between minimal services.
- Ensured robust coverage for file operations, service readiness, and exception handling.
- Enhanced documentation within tests for clarity on functionality and expected behavior.
* docs: Add detailed documentation for pluggable services architecture and usage
* feat: Add example configuration file for Langflow services
* docs: Update PLUGGABLE_SERVICES.md to enhance architecture benefits section
- Revised the documentation to highlight the advantages of the pluggable service system.
- Replaced the migration guide with a detailed overview of features such as automatic discovery, lazy instantiation, dependency injection, and lifecycle management.
- Clarified examples of service registration and improved overall documentation for better understanding.
* [autofix.ci] apply automated fixes
* test(services): improve variable service teardown test with public API assertions
* docs(pluggable-service-layer): add docstrings for service manager and implementations
* fix: remove duplicate teardown method from LocalStorageService
During rebase, the teardown method was added in two locations (lines 57 and 220).
Removed the duplicate at line 57, keeping the one at the end of the class (line 220)
which is the more appropriate location for cleanup methods.
* fix(tests): update service tests for LocalStorageService constructor changes
- Add MockSessionService fixtures to test files that use ServiceManager
- Update LocalStorageService test instantiation to use mock session and settings services
- Fix service count assertions to account for MockSessionService in fixtures
- Remove duplicate class-level clean_manager fixtures in test_edge_cases.py
These changes fix test failures caused by LocalStorageService requiring
session_service and settings_service parameters instead of just data_dir.
* fix(services): Harden service lifecycle methods
- Fixed Diamond Inheritance in LocalStorageService
- Added Circular Dependency Detection in _create_service_from_class
- Fixed StorageService.teardown to Have Default Implementation
* docs: Update discovery order for pluggable services
* fix(lfx): replace aiofile with aiofiles for CI compatibility
- The aiofile library uses native async I/O (libaio) which fails with
EAGAIN (SystemError: 11, 'Resource temporarily unavailable') in
containerized environments like GitHub Actions runners.
- Switch to aiofiles which uses thread pool executors, providing reliable
async file I/O across all environments including containers.
* [autofix.ci] apply automated fixes
* fix(lfx): prevent race condition in plugin discovery
The discover_plugins() method had a TOCTOU (time-of-check to time-of-use)
race condition. Since get() uses a keyed lock (per service name), multiple
threads requesting different services could concurrently see
_plugins_discovered=False and trigger duplicate plugin discovery.
Wrap discover_plugins() with self._lock to ensure thread-safe access to
the _plugins_discovered flag and prevent concurrent discovery execution.
* [autofix.ci] apply automated fixes
* feat: Introduce service registration decorator and enhance ServiceManager for pluggable service discovery
- Added `register_service` decorator to allow services to self-register with the ServiceManager.
- Enhanced `ServiceManager` to support multiple service discovery mechanisms, including decorator-based registration, config files, and entry points.
- Implemented methods for direct service class registration and plugin discovery from various sources, improving flexibility and extensibility of service management.
* feat: Enhance LocalStorageService with Service integration and async teardown
- Updated LocalStorageService to inherit from both StorageService and Service for improved functionality.
- Added a name attribute for service identification.
- Implemented an async teardown method for future extensibility, even though no cleanup is currently needed.
- Refactored the constructor to ensure proper initialization of both parent classes.
* docs(pluggable-service-layer): add docstrings for service manager and implementations
* feat(auth): implement abstract base class for authentication services and add auth service retrieval function
* refactor(auth): move authentication logic from utils to AuthService
Consolidate all authentication methods into the AuthService class to
enable pluggable authentication implementations. The utils module now
contains thin wrappers that delegate to the registered auth service.
This allows alternative auth implementations (e.g., OIDC) to be
registered via the pluggable services system while maintaining
backward compatibility with existing code that imports from utils.
Changes:
- Move all auth logic (token creation, user validation, API key
security, password hashing, encryption) to AuthService
- Refactor utils.py to delegate to get_auth_service()
- Update function signatures to remove settings_service parameter
(now obtained from the service internally)
* refactor(auth): update authentication methods and remove settings_service parameter
- Changed function to retrieve current user from access token instead of JWT.
- Updated AuthServiceFactory to specify SettingsService type in create method.
- Removed settings_service dependency from encryption and decryption functions, simplifying the code.
This refactor enhances the clarity and maintainability of the authentication logic.
* test(auth): add unit tests for AuthService and pluggable authentication
- Introduced comprehensive unit tests for AuthService, covering token creation, user validation, and authentication methods.
- Added tests for pluggable authentication, ensuring correct delegation to registered services.
- Enhanced test coverage for user authentication scenarios, including active/inactive user checks and token validation.
These additions improve the reliability and maintainability of the authentication system.
* fix(tests): update test cases to use AuthService and correct user retrieval method
- Replaced the mock for retrieving the current user from JWT to access token in the TestSuperuserCommand.
- Refactored unit tests for MCP encryption to utilize AuthService instead of a mock settings service, enhancing test reliability.
- Updated patch decorators in tests to reflect the new method of obtaining the AuthService, ensuring consistency across test cases.
These changes improve the accuracy and maintainability of the authentication tests.
* docs(pluggable-services): add auth_service to ServiceType enum documentation
* fix(auth): Add missing type hints and abstract methods to AuthServiceBase (#10710)
Co-authored-by: ogabrielluiz <24829397+ogabrielluiz@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
* [autofix.ci] apply automated fixes
* fix(auth): refactor api_key_security method to accept optional database session and improve error handling
* feat(auth): enhance AuthServiceBase with detailed design principles and JIT provisioning methods
* fix(auth): remove settings_service from encrypt/decrypt_api_key calls
After the pluggable auth refactor, encrypt_api_key and decrypt_api_key
no longer take a settings_service argument - they get it internally.
- Update check_key import path in __main__.py (moved to crud module)
- Remove settings_service argument from calls in:
- api/v1/api_key.py
- api/v1/store.py
- services/variable/service.py
- services/variable/kubernetes.py
- Fix auth service to use session_scope() instead of non-existent
get_db_service().with_session()
* fix(auth): resolve type errors and duplicate definitions in pluggable auth branch
- Add missing imports in auth/utils.py (Final, HTTPException, status,
logger, SettingsService) that prevented application startup
- Remove duplicate NoServiceRegisteredError class in lfx/services/manager.py
- Remove duplicate teardown method in lfx/services/storage/local.py
- Fix invalid settings_service parameter in encrypt_api_key calls
in variable/service.py and variable/kubernetes.py
- Add proper type guards for check_key calls to satisfy mypy
- Add null checks for password fields in users.py endpoints
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* [autofix.ci] apply automated fixes
* replace jose with pyjwt
* [autofix.ci] apply automated fixes
* starter projects
* fix BE mcp tests
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* remive legacy usage of session
* fix user tests
* [autofix.ci] apply automated fixes
* fix lfx tests
* starter project update
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* fix mypy errors
* fix mypy errors on tests
* fix tests for decrypt_api_key
* resolve conflicts in auth utils
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* Add pluggable authentication factory with provider enum
* Add SSO feature flags to AuthSettings
* Add SSO fields to User model
* Add SSO configuration loader with YAML support
* Add unit tests for SSO configuration loader
* Add SSO configuration database model and CRUD operations
* Add CRUD operations for SSO configuration management
* Add SSO configuration service supporting both file and database configs
* Add example SSO configuration file with W3ID and other providers
* Implement OIDC authentication service with discovery and JIT provisioning
* Update AuthServiceFactory to instantiate OIDC service when SSO enabled
* Improve JWT token validation and API key decryption error handling
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes
* fix: resolve ruff linting errors in auth services and add sso-config.yaml to gitignore
* [autofix.ci] apply automated fixes
* fix: use correct function name get_current_user_from_access_token in login endpoint
* fix: remove incorrect settings_service parameter from decrypt_api_key call
* fix: correct encryption logic to properly detect plaintext vs encrypted values
* [autofix.ci] apply automated fixes
* fix tests
* [autofix.ci] apply automated fixes
* fix mypy errors
* fix tests
* [autofix.ci] apply automated fixes
* fix ruff errors
* fix tests in service
* [autofix.ci] apply automated fixes
* fix test security cors
* [autofix.ci] apply automated fixes
* fix webhook issues
* modify component index
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* fix webhook tests
* [autofix.ci] apply automated fixes
* build component index
* remove SSO functionality
* [autofix.ci] apply automated fixes
* fix variable creation
* [autofix.ci] apply automated fixes
* refactor: move MCPServerConfig schema to a separate file and update model_dump usage
* refactor: streamline AuthServiceFactory to use service_class for instance creation
* handle access token type
* [autofix.ci] apply automated fixes
* remove SSO fields from user model
* [autofix.ci] apply automated fixes
* replace is_encrypted back
* fix mypy errors
* remove sso config example
* feat: Refactor framework agnostic auth service (#11565)
* modify auth service layer
* [autofix.ci] apply automated fixes
* fix ruff errorrs
* [autofix.ci] apply automated fixes
* Update src/backend/base/langflow/services/deps.py
Co-authored-by: codeflash-ai[bot] <148906541+codeflash-ai[bot]@users.noreply.github.com>
* address review comments
* [autofix.ci] apply automated fixes
* fix ruff errors
* remove cache
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: codeflash-ai[bot] <148906541+codeflash-ai[bot]@users.noreply.github.com>
* move base to lfx
* [autofix.ci] apply automated fixes
* resolve review comments
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* add auth protocol
* [autofix.ci] apply automated fixes
* revert models.py execption handling
* revert wrappers to ensure backwards compatibility
* fix http error code
* fix FE tests
* fix test_variables.py
* [autofix.ci] apply automated fixes
* fix ruff errors
* fix tests
* add wrappers for create token methods
* fix ruff errors
* [autofix.ci] apply automated fixes
* update error message
* modify status code for inactive user
* fix ruff errors
* fix patch for webhook tests
* fix error message when getting active users
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Mike Pawlowski <mike.pawlowski@datastax.com>
Co-authored-by: Mike Pawlowski <mpawlow@ca.ibm.com>
Co-authored-by: Himavarsha <40851462+HimavarshaVS@users.noreply.github.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: ogabrielluiz <24829397+ogabrielluiz@users.noreply.github.com>
Co-authored-by: himavarshagoutham <himavarshajan17@gmail.com>
Co-authored-by: Deon Sanchez <69873175+deon-sanchez@users.noreply.github.com>
Co-authored-by: codeflash-ai[bot] <148906541+codeflash-ai[bot]@users.noreply.github.com>
The optimized code achieves a **279% speedup** (from 12.8ms to 3.37ms) through two key optimizations: ## 1. **Module-level caching of `get_service_manager`** The original code imported `get_service_manager` inside the `get_service` function on every call. The optimized version imports it once at module load time as `_get_service_manager`, eliminating repeated import overhead. While Python caches imports in `sys.modules`, the attribute lookup and function resolution still has cost on every call—this is visible in the line profiler showing ~345-539ns per call just for the import and manager retrieval. ## 2. **Short-circuit pattern in `get_auth_service`** (Primary optimization) The original `get_auth_service` **always** instantiated `AuthServiceFactory()` and passed it to `get_service`, even when the auth service already existed in the service manager. The line profiler shows this flow taking 348.5ms total, with 99.9% spent in `get_service` (which internally calls `service_manager.get()`). The optimized version: - First checks if the service already exists via `service_manager.get()` - Only imports and instantiates `AuthServiceFactory()` when the service is missing - Avoids the redundant factory object allocation on every call after the first successful registration **Why this matters:** After the service manager is initialized (which happens once early), subsequent calls to `get_auth_service` were wastefully creating factory objects that were never used. The optimized version detects the already-registered service (269 out of 275 calls hit the fast path per profiler) and returns immediately, spending only 280ms vs 348ms total. The line profiler confirms this: in the optimized version, `get_auth_service` completes in 280ms with 99.8% of time in the `service_manager.get()` call itself (unavoidable), while the original spent additional time creating unused factory objects and making redundant service lookups. **Test case performance:** The stability test with 150 repeated calls particularly benefits from this optimization, as each call after initialization avoids unnecessary object allocation and double-lookup overhead.
Codecov Report❌ Patch coverage is ❌ Your project status has failed because the head coverage (42.10%) is below the target coverage (60.00%). You can increase the head coverage or adjust the target coverage. Additional details and impacted files@@ Coverage Diff @@
## main #11659 +/- ##
==========================================
+ Coverage 35.02% 35.22% +0.19%
==========================================
Files 1515 1521 +6
Lines 72567 72925 +358
Branches 10934 10935 +1
==========================================
+ Hits 25418 25687 +269
- Misses 45755 45843 +88
- Partials 1394 1395 +1
Flags with carried forward coverage won't be shown. Click here to find out more.
🚀 New features to boost your workflow:
|
Base automatically changed from
feat/pluggable-auth-service-1.8
to
release-v1.8.0
February 9, 2026 12:02
Contributor
Author
|
codeflash-ai
Bot
deleted the
codeflash/optimize-pr11654-2026-02-09T00.45.27
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
⚡️ This pull request contains optimizations for PR #11654
If you approve this dependent PR, these changes will be merged into the original PR branch
feat/pluggable-auth-service-1.8.📄 279% (2.79x) speedup for
get_auth_serviceinsrc/backend/base/langflow/services/deps.py⏱️ Runtime :
12.8 milliseconds→3.37 milliseconds(best of17runs)📝 Explanation and details
The optimized code achieves a 279% speedup (from 12.8ms to 3.37ms) through two key optimizations:
1. Module-level caching of
get_service_managerThe original code imported
get_service_managerinside theget_servicefunction on every call. The optimized version imports it once at module load time as_get_service_manager, eliminating repeated import overhead. While Python caches imports insys.modules, the attribute lookup and function resolution still has cost on every call—this is visible in the line profiler showing ~345-539ns per call just for the import and manager retrieval.2. Short-circuit pattern in
get_auth_service(Primary optimization)The original
get_auth_servicealways instantiatedAuthServiceFactory()and passed it toget_service, even when the auth service already existed in the service manager. The line profiler shows this flow taking 348.5ms total, with 99.9% spent inget_service(which internally callsservice_manager.get()).The optimized version:
service_manager.get()AuthServiceFactory()when the service is missingWhy this matters: After the service manager is initialized (which happens once early), subsequent calls to
get_auth_servicewere wastefully creating factory objects that were never used. The optimized version detects the already-registered service (269 out of 275 calls hit the fast path per profiler) and returns immediately, spending only 280ms vs 348ms total.The line profiler confirms this: in the optimized version,
get_auth_servicecompletes in 280ms with 99.8% of time in theservice_manager.get()call itself (unavoidable), while the original spent additional time creating unused factory objects and making redundant service lookups.Test case performance: The stability test with 150 repeated calls particularly benefits from this optimization, as each call after initialization avoids unnecessary object allocation and double-lookup overhead.
✅ Correctness verification report:
🌀 Click to see Generated Regression Tests
To edit these changes
git checkout codeflash/optimize-pr11654-2026-02-09T00.45.27and push.