perf: cache calendar REST responses, aggressive TTL for past=1 (#246) (#249)

Adds a top-level full-response cache to the calendar REST handler keyed
on the COMPLETE CalendarRequest envelope (geo lat/lng/radius/radius_unit,
paged, scope, all filters, archive context, search, past flag, cutoff_hour).
TTL split: 1h for past=0 (upcoming), 24h for past=1 (immutable historical).

The bug exposed in production on 2026-05-10: Pinterestbot iterated every
venue/artist archive with distinct geo params, each request taking 30-60s
and saturating the PHP-FPM pool. The existing bucket cache was keyed
WITHOUT geo params so distinct radius searches collapsed onto one bucket
and re-ran the full query every request when the bucket missed.

Implementation:
- CalendarCache::generate_full_response_key() includes the full envelope
  including geo params.
- CalendarCache::get_full_response/set_full_response use wp_cache_*
  (group: data-machine-calendar) primarily with transient fallback for
  non-persistent cache hosts. Redis Object Cache backs both layers on
  extrachill.com.
- Calendar::calendar() short-circuits to the cached response before
  CalendarAbilities runs. Authenticated users with manage_options bypass
  the cache so editors see fresh data immediately.
- CacheInvalidator::invalidate_all() now flushes the
  data-machine-calendar wp_cache group on event saves / taxonomy edits.

Co-authored-by: homeboy-ci[bot] <266378653+homeboy-ci[bot]@users.noreply.github.com>

Author: chubes4

inc/Api/Controllers/Calendar.php

@@ -4,6 +4,13 @@
  *
  * Thin wrapper around CalendarAbilities for REST API access.
  * All business logic delegated to CalendarAbilities.
+ *
+ * Wraps the response in a top-level full-response cache to mitigate
+ * crawler-driven DOS on `?past=1` historical archive variants. See
+ * Extra-Chill/data-machine-events#246 — Pinterestbot iterating every
+ * venue/artist archive with distinct geo params produced one expensive
+ * query per request because the underlying bucket cache was keyed
+ * without geo params.
  */
 
 namespace DataMachineEvents\Api\Controllers;
@@ -12,6 +19,7 @@
 
 use WP_REST_Request;
 use DataMachineEvents\Abilities\CalendarAbilities;
+use DataMachineEvents\Blocks\Calendar\Cache\CalendarCache;
 use DataMachineEvents\Blocks\Calendar\Query\CalendarRequest;
 
 /**
@@ -27,27 +35,51 @@ class Calendar {
 	 */
 	public function calendar( WP_REST_Request $request ) {
 		$calendar_request = CalendarRequest::fromRestRequest( $request );
-		$abilities        = new CalendarAbilities();
-		$result           = $abilities->executeGetCalendarPage( $calendar_request->toAbilitiesArgs() );
-
-		return rest_ensure_response(
-			array(
-				'success'    => true,
-				'html'       => $result['html']['events'],
-				'pagination' => array(
-					'html'         => $result['html']['pagination'],
-					'current_page' => $result['current_page'],
-					'max_pages'    => $result['max_pages'],
-					'total_events' => $result['total_event_count'],
-				),
-				'counter'    => $result['html']['counter'],
-				'navigation' => array(
-					'html'         => $result['html']['navigation'],
-					'past_count'   => $result['event_counts']['past'],
-					'future_count' => $result['event_counts']['future'],
-					'show_past'    => ! empty( $request->get_param( 'past' ) ),
-				),
-			)
+		$envelope         = $calendar_request->toAbilitiesArgs();
+
+		// Editors with `manage_options` always bypass the cache so they
+		// see fresh data immediately after publishing / editing events.
+		// Anonymous traffic (the DOS-vector path) uses the cache.
+		$bypass_cache = current_user_can( 'manage_options' );
+
+		$cache_key = CalendarCache::generate_full_response_key( $envelope );
+
+		if ( ! $bypass_cache ) {
+			$cached = CalendarCache::get_full_response( $cache_key );
+			if ( false !== $cached && is_array( $cached ) ) {
+				return rest_ensure_response( $cached );
+			}
+		}
+
+		$abilities = new CalendarAbilities();
+		$result    = $abilities->executeGetCalendarPage( $envelope );
+
+		$response_body = array(
+			'success'    => true,
+			'html'       => $result['html']['events'],
+			'pagination' => array(
+				'html'         => $result['html']['pagination'],
+				'current_page' => $result['current_page'],
+				'max_pages'    => $result['max_pages'],
+				'total_events' => $result['total_event_count'],
+			),
+			'counter'    => $result['html']['counter'],
+			'navigation' => array(
+				'html'         => $result['html']['navigation'],
+				'past_count'   => $result['event_counts']['past'],
+				'future_count' => $result['event_counts']['future'],
+				'show_past'    => ! empty( $request->get_param( 'past' ) ),
+			),
 		);
+
+		if ( ! $bypass_cache ) {
+			CalendarCache::set_full_response(
+				$cache_key,
+				$response_body,
+				CalendarCache::ttl_for_envelope( $envelope )
+			);
+		}
+
+		return rest_ensure_response( $response_body );
 	}
 }

inc/Blocks/Calendar/Cache/CacheInvalidator.php

@@ -92,6 +92,21 @@ public static function invalidate_all(): void {
 			wp_cache_delete( $key, 'transient' );
 			wp_cache_delete( $key, 'site-transient' );
 		}
+
+		// Flush the dedicated full-response cache group. This is safe to
+		// flush wholesale because the group is private to the calendar —
+		// nothing else writes to `data-machine-calendar`.
+		if ( function_exists( 'wp_cache_flush_group' ) ) {
+			wp_cache_flush_group( CalendarCache::GROUP );
+		} else {
+			// On WP < 6.1 / object-cache drop-ins lacking flush_group support,
+			// the transient layer above still serves as the source of truth.
+			// The wp_cache entries will age out within TTL_FULL_PAST (24h).
+			// Acceptable downside for a fallback path that won't hit on
+			// extrachill.com (Redis Object Cache supports flush_group).
+			$noop = true;
+			unset( $noop );
+		}
 	}
 }
 

inc/Blocks/Calendar/Cache/CalendarCache.php

@@ -2,9 +2,24 @@
 /**
  * Calendar Cache Manager
  *
- * Centralizes all transient caching for calendar queries.
+ * Centralizes all caching for calendar queries.
  * Handles cache key generation, TTLs, and get/set operations.
  *
+ * Two cache layers:
+ * 1. Bucket caches (dates, counts) — keyed without geo params, used by
+ *    EventQueryBuilder/Pagination internals. Stored as transients (which
+ *    Redis object cache backs anyway on persistent-cache hosts).
+ * 2. Full-response cache (this is the calendar REST envelope itself,
+ *    pre-rendered HTML included). Keyed on the COMPLETE CalendarRequest
+ *    envelope INCLUDING geo params. Stored in wp_cache (dedicated group
+ *    `data-machine-calendar`) with transient fallback for non-persistent
+ *    cache environments.
+ *
+ * The full-response cache is the DOS mitigation: bot crawlers hammering
+ * `?past=1&lat=...&lng=...&archive_taxonomy=venue&archive_term_id=...`
+ * variants now hit one expensive query per cache window instead of one
+ * per request. See Extra-Chill/data-machine-events#246.
+ *
  * @package DataMachineEvents\Blocks\Calendar\Cache
  * @since   0.14.0
  */
@@ -17,12 +32,16 @@
 
 class CalendarCache {
 
-	const PREFIX         = 'data-machine_cal_';
-	const TTL_DATES      = 30 * MINUTE_IN_SECONDS;
-	const TTL_COUNTS     = 30 * MINUTE_IN_SECONDS;
+	const PREFIX             = 'data-machine_cal_';
+	const FULL_PREFIX        = 'data-machine_cal_full_';
+	const GROUP              = 'data-machine-calendar';
+	const TTL_DATES          = 30 * MINUTE_IN_SECONDS;
+	const TTL_COUNTS         = 30 * MINUTE_IN_SECONDS;
+	const TTL_FULL_UPCOMING  = HOUR_IN_SECONDS;
+	const TTL_FULL_PAST      = 24 * HOUR_IN_SECONDS;
 
 	/**
-	 * Get a cached value.
+	 * Get a cached value (transient-backed bucket cache).
 	 *
 	 * @param string $key Full cache key.
 	 * @return mixed Cached value or false if not found.
@@ -32,7 +51,7 @@ public static function get( string $key ) {
 	}
 
 	/**
-	 * Set a cached value.
+	 * Set a cached value (transient-backed bucket cache).
 	 *
 	 * @param string $key   Full cache key.
 	 * @param mixed  $value Value to cache.
@@ -44,7 +63,10 @@ public static function set( string $key, $value, int $ttl ): bool {
 	}
 
 	/**
-	 * Generate a cache key from query parameters.
+	 * Generate a cache key from query parameters (bucket caches).
+	 *
+	 * Does NOT include geo params — bucket caches operate on the broader
+	 * date/count slice and geo filtering happens downstream.
 	 *
 	 * @param array  $params Query parameters.
 	 * @param string $prefix Key prefix (e.g. 'dates', 'counts').
@@ -66,4 +88,115 @@ public static function generate_key( array $params, string $prefix ): string {
 
 		return self::PREFIX . $prefix . '_' . md5( wp_json_encode( $key_data ) );
 	}
+
+	/**
+	 * Generate a cache key for the full calendar REST response.
+	 *
+	 * Includes the COMPLETE CalendarRequest envelope so distinct geo
+	 * searches, scopes, paged windows, and archive contexts all get
+	 * isolated cache buckets. This is the key surface that issue #246
+	 * was missing — bot variants over `lat`/`lng`/`radius`/`archive_term_id`
+	 * collapsed onto one bucket and re-ran the query every time.
+	 *
+	 * @param array $envelope CalendarRequest::toAbilitiesArgs() output.
+	 * @return string Full cache key.
+	 */
+	public static function generate_full_response_key( array $envelope ): string {
+		$key_data = array(
+			'paged'            => (int) ( $envelope['paged'] ?? 1 ),
+			'past'             => (bool) ( $envelope['past'] ?? false ),
+			'event_search'     => (string) ( $envelope['event_search'] ?? '' ),
+			'date_start'       => (string) ( $envelope['date_start'] ?? '' ),
+			'date_end'         => (string) ( $envelope['date_end'] ?? '' ),
+			'scope'            => (string) ( $envelope['scope'] ?? '' ),
+			'tax_filter'       => $envelope['tax_filter'] ?? array(),
+			'archive_taxonomy' => (string) ( $envelope['archive_taxonomy'] ?? '' ),
+			'archive_term_id'  => (int) ( $envelope['archive_term_id'] ?? 0 ),
+			'geo_lat'          => (string) ( $envelope['geo_lat'] ?? '' ),
+			'geo_lng'          => (string) ( $envelope['geo_lng'] ?? '' ),
+			'geo_radius'       => (int) ( $envelope['geo_radius'] ?? 0 ),
+			'geo_radius_unit'  => (string) ( $envelope['geo_radius_unit'] ?? '' ),
+			'cutoff_hour'      => \DataMachineEvents\Blocks\Calendar\Grouping\LateNightCutoff::cutoff_hour(),
+		);
+
+		return self::FULL_PREFIX . md5( wp_json_encode( $key_data ) );
+	}
+
+	/**
+	 * Get a cached full calendar REST response.
+	 *
+	 * Tries the object cache first (Redis/Memcached on persistent-cache
+	 * hosts), falls back to a transient. Returns false on miss so callers
+	 * can use the standard `false === $cached` check.
+	 *
+	 * @param string $key Full cache key from generate_full_response_key().
+	 * @return mixed Cached envelope array or false on miss.
+	 */
+	public static function get_full_response( string $key ) {
+		$found  = false;
+		$cached = wp_cache_get( $key, self::GROUP, false, $found );
+		if ( $found && false !== $cached ) {
+			return $cached;
+		}
+
+		// Transient fallback for non-persistent cache environments. On
+		// Redis-backed hosts get_transient also routes through the object
+		// cache, so this is functionally a no-op there but harmless.
+		$transient = get_transient( $key );
+		if ( false !== $transient ) {
+			// Promote into the object cache so subsequent hits in this
+			// process / cache window skip the transient SQL lookup.
+			wp_cache_set( $key, $transient, self::GROUP, self::ttl_for_envelope_default() );
+			return $transient;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Set a cached full calendar REST response.
+	 *
+	 * Writes to BOTH the object cache and the transient store. The
+	 * transient store survives a `wp_cache_flush()` and acts as the
+	 * source of truth for non-persistent cache hosts; the object cache
+	 * is the fast path for persistent-cache hosts.
+	 *
+	 * @param string $key   Full cache key from generate_full_response_key().
+	 * @param mixed  $value Response envelope to cache.
+	 * @param int    $ttl   Time-to-live in seconds.
+	 * @return bool True on success.
+	 */
+	public static function set_full_response( string $key, $value, int $ttl ): bool {
+		wp_cache_set( $key, $value, self::GROUP, $ttl );
+		return set_transient( $key, $value, $ttl );
+	}
+
+	/**
+	 * Resolve the appropriate full-response TTL for a request envelope.
+	 *
+	 * Past events are immutable — once a show happened, it happened.
+	 * Cache them aggressively (24h). Upcoming events change as new ones
+	 * are published, but `CacheInvalidator` busts the entire group on
+	 * any event save / taxonomy edit, so a 1h ceiling is just a safety
+	 * net for missed invalidation paths.
+	 *
+	 * @param array $envelope CalendarRequest::toAbilitiesArgs() output.
+	 * @return int TTL seconds.
+	 */
+	public static function ttl_for_envelope( array $envelope ): int {
+		$past = ! empty( $envelope['past'] );
+		return $past ? self::TTL_FULL_PAST : self::TTL_FULL_UPCOMING;
+	}
+
+	/**
+	 * Default TTL used when promoting a transient hit back into the
+	 * object cache. We don't know if the entry was past or upcoming at
+	 * promotion time, so we use the shorter (upcoming) TTL — better to
+	 * recompute one extra time than to extend an already-stale window.
+	 *
+	 * @return int TTL seconds.
+	 */
+	private static function ttl_for_envelope_default(): int {
+		return self::TTL_FULL_UPCOMING;
+	}
 }