MongoDB causing large delay with unknown findOne method - New Relic
After looking at the code that you provided, it appears that the .findOne() that appears in your performance log is the one performed when searching for a user and authenticating him.
Thus, it appears that the performance bottleneck is occurring in one of the below 2 queries:
/* * LOCAL LOGIN */// find a user whose email is the same as the forms email // we are checking to see if the user trying to login already exists User.findOne({ 'email' : email }, function(err, user) {.../* * LOCAL SIGNUP */ // find a user whose email is the same as the forms email // we are checking to see if the user trying to login already exists User.findOne({ 'email': email...I see that in both of your passport local strategies you are searching against the email field, thus you can improve performance by creating an index on that field.
To try optimizing the LOCAL LOGIN findOne query even more, you can try adding an index for the users collection on the email field, if you haven't already:
// This index will optimize queries that search against the {email} fielddb.users.createIndex({ email: 1});UPDATE #1
I found a related Stack Overflow topic that might be the answer to your performance issue - you should update the below line in your express.js configuration:
app.use(session({ secret: '', resave: false, saveUninitialized: false }));to
app.use(session({ secret: '', resave: true, saveUninitialized: true }));I also managed to find these notes regarding the resave and saveUninitalized properties in the Express JS documentation:
Forces a session that is "uninitialized" to be saved to the store. A session is uninitialized when it is new but not modified. Choosing false is useful for implementing login sessions, reducing server storage usage, or complying with laws that require permission before setting a cookie. Choosing false will also help with race conditions where a client makes multiple parallel requests without a session.
The default value is true, but using the default has been deprecated, as the default will change in the future. Please research into this setting and choose what is appropriate to your use-case.
Note if you are using Session in conjunction with PassportJS, Passport will add an empty Passport object to the session for use after a user is authenticated, which will be treated as a modification to the session, causing it to be saved. This has been fixed in PassportJS 0.3.0
Forces the session to be saved back to the session store, even if the session was never modified during the request. Depending on your store this may be necessary, but it can also create race conditions where a client makes two parallel requests to your server and changes made to the session in one request may get overwritten when the other request ends, even if it made no changes (this behavior also depends on what store you're using).
The default value is true, but using the default has been deprecated, as the default will change in the future. Please research into this setting and choose what is appropriate to your use-case. Typically, you'll want false.
How do I know if this is necessary for my store? The best way to know is to check with your store if it implements the touch method. If it does, then you can safely set resave: false. If it does not implement the touch method and your store sets an expiration date on stored sessions, then you likely need resave: true.