We keeps critical control-plane state in process memory across dependencies.py, auth.py, api_key_store.py, and admin.py. This breaks multi-instance deployments.
Acceptance criteria:
- API keys have scopes, expiry, org/project binding, and durable validation.
- Rate limits use Redis/Mongo or another shared backend.
- OAuth temp tokens/auth codes are durable and TTL-backed.
- Production mode refuses in-memory fallback.
We keeps critical control-plane state in process memory across
dependencies.py,auth.py,api_key_store.py, andadmin.py. This breaks multi-instance deployments.Acceptance criteria: