From eaa55706d62680c2716ed5e773fa045c996fbe07 Mon Sep 17 00:00:00 2001
From: Ben Hardill <ben@flowforge.com>
Date: Mon, 11 Mar 2024 14:07:07 +0000
Subject: [PATCH] Fix comment

---
 lib/auth/httpAuthMiddleware.js | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lib/auth/httpAuthMiddleware.js b/lib/auth/httpAuthMiddleware.js
index f2d0642..8bd5774 100644
--- a/lib/auth/httpAuthMiddleware.js
+++ b/lib/auth/httpAuthMiddleware.js
@@ -20,11 +20,8 @@ module.exports = {
                     if (req.session.ffSession) {
                         next()
                     } else if (req.get('Authorization')?.startsWith('Bearer')) {
-                        // need to make a HTTP request against the forge platform to check
-                        // the token. Should we cache the token to reduce round trip on every
-                        // request?
                         // We should include the Project ID and the path along with the token
-                        // to be checked
+                        // to be checked to allow scoping tokens
                         const token = req.get('Authorization').split(' ')[1]
                         const cacheHit = httpTokenCache[token]
                         if (cacheHit) {