pub fn generate_cache_key(
query: &str,
variables: &Value,
where_clause: Option<&WhereClause>,
schema_version: &str,
) -> u64Expand description
Generate cache key for query result.
§Security Critical
DIFFERENT VARIABLE VALUES MUST PRODUCE DIFFERENT KEYS to prevent data
leakage between users. This function feeds the full query, variables, WHERE
clause, and schema version into a single-pass ahash for a fast, deterministic
u64 key.
§Key Composition
The cache key is a single ahash pass over:
ahash(
query_bytes +
hash(variables) + ← recursive, canonical key ordering
hash(WHERE_clause) + ← structural, not serde-dependent
schema_version_bytes
)This ensures:
- Same query + variables = same key (cache hit)
- Different variables = different key (security)
- Different WHERE clauses = different key (correctness)
- Schema changes = different key (validity)
§Arguments
query- GraphQL query stringvariables- Query variables from GraphQL request (optional)where_clause- WHERE filter from auto-params (optional)schema_version- Schema hash fromCompiledSchema
§Returns
A u64 cache key suitable for use as a hash-map key.
§Security Examples
use fraiseql_core::cache::generate_cache_key;
use serde_json::json;
let query = "query getUser($id: ID!) { user(id: $id) { name } }";
// Different users MUST get different cache keys
let alice_key = generate_cache_key(query, &json!({"id": "alice"}), None, "v1");
let bob_key = generate_cache_key(query, &json!({"id": "bob"}), None, "v1");
assert_ne!(alice_key, bob_key, "Security: different variables must produce different keys");
// Same user MUST get same key (determinism)
let alice_key2 = generate_cache_key(query, &json!({"id": "alice"}), None, "v1");
assert_eq!(alice_key, alice_key2, "Determinism: same inputs must produce same key");