Consider a user session storage solution for permissions caching #131
Description
Proposed solution
The new GA4GH RI JWT-based claims cause considerable stress and traffic on the application. In the current solution (based on the previous implementation) a request that contains a token will always have to go through the decoding and validation process. For example in a case where 10 users query the service, each of them having 10 dataset permissions, the service will have to decode 100 tokens, make 100 requests for JWKs, validate those 100 tokens. On each request.
Investigate a solution on how to cache the permissions (up to 1 hour, or based on token exp claim) to avoid the decoding-requesting-validation process for subsequent queries.
DoD (Definition of Done)
Investigate and implement a user session solution to store permissions, so that subsequent queries don't create new token validation processes and requests.
Related to #130
Testing
Unit tests.
Integration tests.
Documentation.