diff --git a/authentik/policies/process.py b/authentik/policies/process.py index ad999b623..296c5bc9e 100644 --- a/authentik/policies/process.py +++ b/authentik/policies/process.py @@ -103,7 +103,7 @@ class PolicyProcess(PROCESS_CLASS): LOGGER.debug("P_ENG(proc): error", exc=src_exc) policy_result = PolicyResult(False, str(src_exc)) policy_result.source_binding = self.binding - if not self.request.debug: + if self.request.should_cache: key = cache_key(self.binding, self.request) cache.set(key, policy_result, CACHE_TIMEOUT) LOGGER.debug( diff --git a/authentik/policies/types.py b/authentik/policies/types.py index f09818b44..76653d6c2 100644 --- a/authentik/policies/types.py +++ b/authentik/policies/types.py @@ -46,6 +46,15 @@ class PolicyRequest: return self.context["geoip"] = GEOIP_READER.city(client_ip) + @property + def should_cache(self) -> bool: + """Check if this request's result should be cached""" + if not self.user.is_authenticated: + return False + if self.debug: + return False + return True + def __repr__(self) -> str: return self.__str__()