One of the most common performance issues I’ve seen in Laravel applications is related to roles and permissions.
At first, everything works fine.
But as the application grows, authorization checks become more frequent — and suddenly, your database is handling a large number of repetitive queries just to validate permissions.
The Problem
Even when using caching strategies, many applications still:
- Hit the database frequently for permission checks
- Recompute authorization logic on every request
- Struggle under high load scenarios
This becomes especially noticeable in systems with:
- Complex role structures
- Multiple middleware checks
- High traffic
The Idea
Instead of relying on the database (even with caching), I explored a different approach:
Move roles and permissions entirely into Redis
The goal:
- Keep authorization in-memory
- Eliminate repetitive queries
- Improve response times
The Approach
The core idea is simple:
- Store roles and permissions in Redis
- Resolve all authorization checks from memory
- Avoid hitting the database during request lifecycle
This allows permission checks to be:
- Faster
- More scalable
- More predictable under load
The Result
I built a package around this idea:
https://github.com/scabarcas17/laravel-permissions-redis
https://packagist.org/packages/scabarcas/laravel-permissions-redis
It’s designed to integrate naturally with Laravel while replacing repetitive database queries with Redis-based resolution.
When Does This Make Sense?
This approach is especially useful if:
- Your app performs frequent permission checks
- You are scaling and need better performance
- You want to reduce database load
Final Thoughts
Laravel is not the problem — architecture is.
Small decisions like how you handle permissions can have a huge impact as your system grows.
I’d love to hear how others are solving this problem or any feedback on this approach.
Top comments (0)