Using Map as an in-memory cache in Spring with TTL

Question

I'm implementing an authorization logic with passwordless login.

In order to log in to the system a client must:

1. send GET /auth/challenge request along with their username
2. get response from the above request which contains some encyption, do magic and send POST /auth/verify request with generated secret and (hopefully) get logged in

Right now I'm thinking about ways to ensure that /auth/verify is called right after /auth/challenge and not in say 1-2 days after /auth/challenge was made.

So, when /auth/challenge is performed, a large random prime is generated and then encoded and sent along with some other stuff. When it's generated on the server-side I can save it with a current timestamp and perform validation on expiration when second request is sent, but that seems as too much unneeded interactions with a db. Saving encoded primes to some map with ttl seems like a more elegant approach, but in this case there's a need of removing old map entries which right now I can imagine only in a for of some @Scheduler which would remove "expired" primes.

Whould it be efficient to store encoded primes like this, or is there any other more request-oriented way of doing this?

Answer 1

Maybe you should use Redis (key-value) database for it. You could set expire key property like here:

Set a timeout on key. After the timeout has expired, the key will automatically be deleted.