PERF: bypass omniauth unless in an auth path

config/initializers/009-omniauth.rb

@@ -1,14 +1,7 @@
 require "openssl"
 require "openid_redis_store"
 
-# if you need to test this and are having ssl issues see:
+require "middleware/omniauth_bypass_middleware"
-#  http://stackoverflow.com/questions/6756460/openssl-error-using-omniauth-specified-ssl-path-but-didnt-work
+Rails.application.config.middleware.use Middleware::OmniauthBypassMiddleware
-# OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE if Rails.env.development?
-
-Rails.application.config.middleware.use OmniAuth::Builder do
-  Discourse.authenticators.each do |authenticator|
-    authenticator.register_middleware(self)
-  end
-end
 
 OmniAuth.config.logger = Rails.logger

lib/middleware/omniauth_bypass_middleware.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+# omniauth loves spending lots cycles in its magic middleware stack
+# this middleware bypasses omniauth middleware and only hits it when needed
+class Middleware::OmniauthBypassMiddleware
+
+  def initialize(app, options = {})
+    @app = app
+
+    # if you need to test this and are having ssl issues see:
+    #  http://stackoverflow.com/questions/6756460/openssl-error-using-omniauth-specified-ssl-path-but-didnt-work
+    # OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE if Rails.env.development?
+    @omniauth = OmniAuth::Builder.new(app) do
+      Discourse.authenticators.each do |authenticator|
+        authenticator.register_middleware(self)
+      end
+    end
+  end
+
+  def call(env)
+    if env["PATH_INFO"].start_with?("/auth")
+      @omniauth.call(env)
+    else
+      @app.call(env)
+    end
+  end
+
+end