JILI jackpot Lucky casino login,0xBET casino no deposit bonus.Recharge Every day and Get Bonus up-to 50%!

Resolved

(@davefx)

Hi!

We are using your plugin on our site and I’ve observed that every call to the /checkout page generates a call to the Braintree API to obtain the client_token. This request is somewhat time-expensive, compared to the time the checkout screen takes to render.

Have you considered the possibility of caching the returned value so we are not constantly asking Braintree for the client_token again and again?

In our site we are using Redis as a persistent object cache, so this change would represent a big improvement in the server performance.

I’ve carried out a local test replacing the contents of the wc_braintree_generated_client_token() function with the following ones:

function wc_braintree_generate_client_token( $env = '' ) {
	$client_token = '';
	try {
		$args = array();
		if ( ( $merchant_account = wc_braintree_get_merchant_account( wc_braintree_get_currency() ) ) ) {
			$args['merchantAccountId'] = $merchant_account;
		}
		$cache_key = 'wc_braintree_client_token_' . md5(json_encode($args) . json_encode( $env ) );
		$client_token = wp_cache_get( $cache_key, 'woo-payment-gateway' );

		if ( $client_token === false ) {
			$gateway      = new \Braintree\Gateway( wc_braintree_connection_settings( $env ) );
			$client_token = $gateway->clientToken()->generate( $args );
			wp_cache_set( $cache_key, $client_token, 'woo-payment-gateway', 60 );
		}
	} catch ( \Braintree\Exception $e ) {
		wc_braintree_log_error( sprintf( __( 'Error creating client token. Exception: %1$s', 'woo-payment-gateway' ), get_class( $e ) ) );
	}

	return $client_token;
}

and things seem to keep working, but now much faster.

Am I missing anything?

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Author Payment Plugins
(@mrclayton)

4 years ago

Hi @davefx,

The issue with caching the client token is it has an expiration time and a max consumption count.

Braintree doesn’t provide an exact number but you can’t consume the client token too many times before it throws an error due to security reasons.

That is why I have coded it to generate a new client token during each page load.

Kind regards,

Plugin Author Payment Plugins
(@mrclayton)

4 years ago

I could add a hook in the next version that allows merchants to controls this client token generation. But it will be at your own risk for the reasons outlined in the previous response.

Kind regards,
Thread Starter David Marín Carre?o
(@davefx)

4 years ago
After contacting Braintree support they’ve told me:

Client tokens are only valid for 24 hours. However, we still recommend generating one for each customer for a couple of reasons:

* If too many payment methods are made in short succession using the same client token, it will be invalidated (we do not provide specific figures for this to mitigate fraud risk)

* There are additional parameters you can pass in client token generation that may be customer or currency-specific (customer ID, or merchant account ID respectively). A token will be invalidated after its first use if these parameters are present.

For these 2 reasons, it is a best practice to generate a new client token as frequently as possible, if not for each unique customer session.

As the code is providing the merchant account ID, I’m afraid we won’t be able to activate this caching unless we are also able to invalidate any existing cached value if the client token is used.
- This reply was modified 4 years ago by David Marín Carre?o.
- This reply was modified 4 years ago by David Marín Carre?o.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Caching client_token’ is closed to new replies.

Tags