Use cached db lookups.

app/controllers/application_controller.rb

@@ -71,7 +71,7 @@ class ApplicationController < ActionController::Base
     # check http basic auth
     authenticate_with_http_basic do |user, password|
       puts 'http basic auth check'
-      userdata = User.where( :login => user ).first
+      userdata = User.lookup( :login => user )
       message = ''
       if !userdata
         message = 'authentication failed, user'

lib/session.rb

@@ -434,7 +434,7 @@ class ClientState
       return if !session_data
       return if !session_data[:user]
       return if !session_data[:user][:id]
-      user = User.where( :id => session_data[:user][:id] ).first
+      user = User.lookup( :id => session_data[:user][:id] )
       return if !user
 
       # set cache key