⚡️ Speed up function _allowed_routes_check by 324%

[codeflash-ai]

📄 324% (3.24x) speedup for _allowed_routes_check in litellm/proxy/auth/auth_checks.py

⏱️ Runtime : 2.65 milliseconds → 624 microseconds (best of 103 runs)

📝 Explanation and details

The optimized code achieves a 324% speedup through two key optimizations that reduce expensive operations in the hot loop:

Key Optimizations:

1. Cached Enum Members Lookup: The original code repeatedly accessed LiteLLMRoutes.__members__ on every iteration (61% of total runtime). The optimized version caches this as a local variable members = LiteLLMRoutes.__members__ outside the loop, eliminating redundant global attribute lookups.

2. Reordered Conditional Logic: The optimized version checks for direct string equality (allowed_route == user_route) first, before the more expensive enum membership and value lookup. Since direct matches are faster than enum operations, this puts the cheaper operation first in the conditional chain.

Why This Matters:

The function is called from allowed_routes_check() in authentication flows where users access proxy routes. Based on the test results, the optimization is particularly effective for:

• Large allowed_routes lists: Shows 260-500% speedup when processing hundreds of routes
• Mixed enum/string scenarios: 380-470% improvement when combining LiteLLMRoutes enums with direct string matches
• Authentication hot paths: Since this validates every route access, even small per-call improvements compound significantly

The line profiler shows the optimization eliminates the expensive LiteLLMRoutes.__members__ lookup (9.94ms → 0ms in total time) while maintaining identical functionality and return values across all test cases.

✅ Correctness verification report:

Test	Status
⚙️ Existing Unit Tests	🔘 None Found
🌀 Generated Regression Tests	✅ 72 Passed
⏪ Replay Tests	🔘 None Found
🔎 Concolic Coverage Tests	🔘 None Found
📊 Tests Coverage	83.3%

🌀 Generated Regression Tests and Runtime

from enum import Enum

# imports
import pytest
from litellm.proxy.auth.auth_checks import _allowed_routes_check


# Simulate LiteLLMRoutes Enum for testing
class LiteLLMRoutes(Enum):
    CHAT = ["/chat/completions", "/v1/chat/completions"]
    COMPLETIONS = ["/completions", "/v1/completions"]
    EMBEDDINGS = ["/embeddings", "/v1/embeddings"]
    # Add a route with only one value for edge case
    SINGLE = ["/single"]
    # Add a route with empty value for edge case
    EMPTY = []
    # Add a route with a value that is a substring of another for edge case
    SUB = ["/sub"]
    SUBLONG = ["/sub/long"]
from litellm.proxy.auth.auth_checks import _allowed_routes_check

# ========================
# Unit Tests for _allowed_routes_check
# ========================

# 1. Basic Test Cases

def test_route_direct_string_match():
    # Allowed route is directly the same as user route
    codeflash_output = _allowed_routes_check("/chat/completions", ["/chat/completions"]) # 1.61μs -> 1.49μs (7.76% faster)

def test_route_enum_match():
    # Allowed route is a LiteLLMRoutes member, user route matches one of its values
    codeflash_output = _allowed_routes_check("/chat/completions", ["CHAT"]) # 1.44μs -> 1.56μs (7.78% slower)
    codeflash_output = _allowed_routes_check("/v1/chat/completions", ["CHAT"]) # 531ns -> 554ns (4.15% slower)
    codeflash_output = _allowed_routes_check("/completions", ["COMPLETIONS"]) # 421ns -> 475ns (11.4% slower)

def test_route_enum_and_string_mix():
    # Allowed routes is a mix of enum member and direct string
    codeflash_output = _allowed_routes_check("/embeddings", ["CHAT", "/embeddings"]) # 1.75μs -> 1.52μs (14.9% faster)
    codeflash_output = _allowed_routes_check("/v1/embeddings", ["EMBEDDINGS", "/notallowed"]) # 793ns -> 761ns (4.20% faster)

def test_route_not_allowed():
    # User route not in allowed_routes
    codeflash_output = _allowed_routes_check("/notallowed", ["CHAT", "/foo"]) # 1.57μs -> 1.41μs (11.4% faster)

def test_empty_allowed_routes():
    # No allowed routes
    codeflash_output = _allowed_routes_check("/chat/completions", []) # 453ns -> 1.22μs (62.8% slower)

def test_multiple_allowed_routes():
    # Multiple allowed routes, only one matches
    codeflash_output = _allowed_routes_check("/v1/completions", ["/foo", "COMPLETIONS", "/bar"]) # 1.98μs -> 1.58μs (24.8% faster)

def test_multiple_allowed_routes_none_match():
    # Multiple allowed routes, none match
    codeflash_output = _allowed_routes_check("/notfound", ["/foo", "EMBEDDINGS", "/bar"]) # 1.94μs -> 1.57μs (23.2% faster)

# 2. Edge Test Cases

def test_case_sensitivity():
    # Route names are case sensitive
    codeflash_output = _allowed_routes_check("/chat/completions", ["chat"]) # 1.36μs -> 1.44μs (5.36% slower)
    codeflash_output = _allowed_routes_check("/chat/completions", ["CHAT"]) # 600ns -> 652ns (7.98% slower)

def test_partial_string_match():
    # Should not match substrings
    codeflash_output = _allowed_routes_check("/chat/completions/extra", ["CHAT"]) # 1.32μs -> 1.33μs (1.13% slower)
    codeflash_output = _allowed_routes_check("/v1/chat", ["CHAT"]) # 594ns -> 627ns (5.26% slower)

def test_enum_with_empty_value():
    # Enum with empty list as value
    codeflash_output = _allowed_routes_check("/anything", ["EMPTY"]) # 1.31μs -> 1.34μs (1.95% slower)

def test_enum_with_single_value():
    # Enum with only one value
    codeflash_output = _allowed_routes_check("/single", ["SINGLE"]) # 1.34μs -> 1.39μs (3.03% slower)
    codeflash_output = _allowed_routes_check("/not_single", ["SINGLE"]) # 613ns -> 614ns (0.163% slower)

def test_enum_substring_confusion():
    # Enum value that is a substring of another
    codeflash_output = _allowed_routes_check("/sub", ["SUB"]) # 1.28μs -> 1.27μs (1.18% faster)
    codeflash_output = _allowed_routes_check("/sub/long", ["SUB"]) # 576ns -> 624ns (7.69% slower)
    codeflash_output = _allowed_routes_check("/sub/long", ["SUBLONG"]) # 506ns -> 508ns (0.394% slower)

def test_user_route_is_empty_string():
    # User route is empty string
    codeflash_output = _allowed_routes_check("", ["CHAT", "COMPLETIONS", "SINGLE", "EMPTY", "SUB"]) # 2.29μs -> 1.62μs (41.6% faster)
    codeflash_output = _allowed_routes_check("", [""]) # 641ns -> 710ns (9.72% slower)

def test_allowed_routes_contains_empty_string():
    # Allowed routes contains empty string
    codeflash_output = _allowed_routes_check("/chat/completions", [""]) # 1.26μs -> 1.28μs (2.18% slower)
    codeflash_output = _allowed_routes_check("", [""]) # 665ns -> 702ns (5.27% slower)

def test_allowed_routes_contains_nonexistent_enum():
    # Allowed routes contains a string that is not an enum member
    codeflash_output = _allowed_routes_check("/foo", ["FOOBAR"]) # 1.26μs -> 1.28μs (1.79% slower)



def test_allowed_routes_contains_enum_instance():
    # Allowed routes contains an Enum instance, not its name
    codeflash_output = _allowed_routes_check("/chat/completions", [LiteLLMRoutes.CHAT]) # 2.29μs -> 2.77μs (17.3% slower)

def test_allowed_routes_contains_duplicate_entries():
    # Allowed routes contains duplicate entries
    codeflash_output = _allowed_routes_check("/chat/completions", ["CHAT", "CHAT", "/chat/completions"]) # 2.05μs -> 1.65μs (24.4% faster)

def test_allowed_routes_contains_similar_strings():
    # Allowed routes contains similar but not equal strings
    codeflash_output = _allowed_routes_check("/chat/completions", ["/chat/completion"]) # 1.37μs -> 1.40μs (2.07% slower)

# 3. Large Scale Test Cases

def test_large_number_of_allowed_routes_with_match():
    # Large allowed_routes list, match near the end
    allowed = [f"/route{i}" for i in range(998)] + ["CHAT"]
    codeflash_output = _allowed_routes_check("/v1/chat/completions", allowed) # 194μs -> 53.7μs (263% faster)

def test_large_number_of_allowed_routes_no_match():
    # Large allowed_routes list, no match
    allowed = [f"/route{i}" for i in range(1000)]
    codeflash_output = _allowed_routes_check("/v1/chat/completions", allowed) # 194μs -> 53.2μs (266% faster)

def test_large_number_of_enum_routes():
    # Large number of enum routes (simulate by repeating)
    allowed = ["CHAT", "COMPLETIONS", "EMBEDDINGS"] * 300  # 900 entries
    codeflash_output = _allowed_routes_check("/v1/embeddings", allowed) # 152μs -> 26.5μs (474% faster)

def test_large_number_of_string_routes_with_direct_match():
    # Large list with direct string match at the end
    allowed = [f"/foo{i}" for i in range(999)] + ["/v1/chat/completions"]
    codeflash_output = _allowed_routes_check("/v1/chat/completions", allowed) # 194μs -> 50.1μs (287% faster)

def test_large_number_of_string_routes_no_match():
    # Large list with no match
    allowed = [f"/foo{i}" for i in range(1000)]
    codeflash_output = _allowed_routes_check("/v1/chat/completions", allowed) # 192μs -> 49.4μs (290% faster)

# 4. Additional Robustness and Mutation Catching

def test_route_is_prefix_of_another():
    # Ensure route is not matched by prefix
    codeflash_output = _allowed_routes_check("/chat", ["CHAT"]) # 1.33μs -> 1.43μs (6.32% slower)

def test_enum_name_is_substring_of_user_route():
    # Enum name is substring of user route
    codeflash_output = _allowed_routes_check("/CHATTY", ["CHAT"]) # 1.30μs -> 1.42μs (8.53% slower)

def test_allowed_routes_is_none():
    # allowed_routes is None (should raise TypeError)
    with pytest.raises(TypeError):
        _allowed_routes_check("/chat/completions", None) # 1.12μs -> 1.69μs (33.6% slower)

from enum import Enum

# imports
import pytest
from litellm.proxy.auth.auth_checks import _allowed_routes_check


# Simulate LiteLLMRoutes enum for testing purposes
class LiteLLMRoutes(Enum):
    CHAT = ["/chat/completions", "/chat"]
    EMBEDDINGS = ["/embeddings", "/vector"]
    COMPLETIONS = ["/completions", "/text"]
    HEALTH = ["/health"]
    # Add a route with an empty list to test edge cases
    EMPTY = []
    # Add a route with a single value
    SINGLE = ["/single"]
from litellm.proxy.auth.auth_checks import _allowed_routes_check

# unit tests

# ---------------- Basic Test Cases ----------------

def test_route_direct_match():
    """Test direct string match in allowed_routes."""
    codeflash_output = _allowed_routes_check("/chat/completions", ["/chat/completions"]) # 1.96μs -> 1.73μs (13.1% faster)

def test_route_enum_match():
    """Test user_route matches a value in LiteLLMRoutes enum via allowed_routes."""
    codeflash_output = _allowed_routes_check("/chat/completions", ["CHAT"]) # 1.45μs -> 1.51μs (4.30% slower)

def test_route_enum_match_multiple():
    """Test user_route matches any value in multiple LiteLLMRoutes enums."""
    codeflash_output = _allowed_routes_check("/vector", ["CHAT", "EMBEDDINGS"]) # 1.72μs -> 1.54μs (12.2% faster)

def test_route_no_match():
    """Test user_route not in allowed_routes."""
    codeflash_output = _allowed_routes_check("/unknown", ["CHAT", "/chat/completions"]) # 1.71μs -> 1.55μs (10.7% faster)

def test_route_multiple_allowed():
    """Test user_route matches when allowed_routes contains both enums and strings."""
    codeflash_output = _allowed_routes_check("/chat", ["EMBEDDINGS", "/chat"]) # 1.75μs -> 1.55μs (12.5% faster)

def test_route_empty_allowed_routes():
    """Test with empty allowed_routes list."""
    codeflash_output = _allowed_routes_check("/chat/completions", []) # 499ns -> 1.20μs (58.2% slower)

# ---------------- Edge Test Cases ----------------

def test_route_case_sensitivity():
    """Test case sensitivity of route matching."""
    codeflash_output = _allowed_routes_check("/Chat/Completions", ["CHAT"]) # 1.42μs -> 1.48μs (3.86% slower)

def test_route_leading_trailing_spaces():
    """Test user_route with leading/trailing spaces."""
    codeflash_output = _allowed_routes_check(" /chat/completions ", ["CHAT"]) # 1.34μs -> 1.39μs (3.24% slower)

def test_route_partial_match():
    """Test that partial matches do not pass."""
    codeflash_output = _allowed_routes_check("/chat", ["CHAT"]) # 1.34μs -> 1.39μs (3.61% slower)
    codeflash_output = _allowed_routes_check("/ch", ["CHAT"]) # 600ns -> 645ns (6.98% slower)

def test_route_empty_enum():
    """Test when allowed_routes refers to an enum with an empty value list."""
    codeflash_output = _allowed_routes_check("/anything", ["EMPTY"]) # 1.34μs -> 1.31μs (2.36% faster)

def test_route_single_enum():
    """Test when allowed_routes refers to an enum with a single value."""
    codeflash_output = _allowed_routes_check("/single", ["SINGLE"]) # 1.29μs -> 1.32μs (2.42% slower)
    codeflash_output = _allowed_routes_check("/not_single", ["SINGLE"]) # 562ns -> 548ns (2.55% faster)

def test_route_non_string_in_allowed_routes():
    """Test robustness against non-string values in allowed_routes."""
    codeflash_output = _allowed_routes_check("/chat/completions", [None, 123, "CHAT"]) # 2.21μs -> 1.82μs (22.0% faster)
    codeflash_output = _allowed_routes_check("/unknown", [None, 123]) # 897ns -> 765ns (17.3% faster)

def test_route_user_route_empty_string():
    """Test user_route is empty string."""
    codeflash_output = _allowed_routes_check("", ["CHAT", "/chat/completions"]) # 1.57μs -> 1.43μs (10.1% faster)

def test_route_allowed_routes_with_duplicates():
    """Test allowed_routes with duplicate entries."""
    codeflash_output = _allowed_routes_check("/chat", ["CHAT", "CHAT", "/chat"]) # 1.91μs -> 1.50μs (27.1% faster)

def test_route_allowed_routes_with_invalid_enum_name():
    """Test allowed_routes with invalid enum names."""
    codeflash_output = _allowed_routes_check("/chat/completions", ["INVALID_ENUM"]) # 1.30μs -> 1.25μs (3.59% faster)

def test_route_allowed_routes_with_mixed_types():
    """Test allowed_routes with mix of valid/invalid enum names and strings."""
    codeflash_output = _allowed_routes_check("/chat/completions", ["CHAT", "INVALID_ENUM", "/chat/completions"]) # 1.82μs -> 1.52μs (19.7% faster)

def test_route_allowed_routes_with_empty_string():
    """Test allowed_routes containing empty string."""
    codeflash_output = _allowed_routes_check("/chat/completions", [""]) # 1.30μs -> 1.35μs (3.78% slower)

# ---------------- Large Scale Test Cases ----------------

def test_large_allowed_routes_enum_only():
    """Test performance with a large allowed_routes list of enums."""
    allowed_routes = ["CHAT"] * 500 + ["EMBEDDINGS"] * 499
    codeflash_output = _allowed_routes_check("/chat", allowed_routes) # 171μs -> 29.0μs (492% faster)
    codeflash_output = _allowed_routes_check("/vector", allowed_routes) # 168μs -> 28.2μs (498% faster)
    codeflash_output = _allowed_routes_check("/unknown", allowed_routes) # 166μs -> 27.8μs (499% faster)

def test_large_allowed_routes_strings_only():
    """Test performance with a large allowed_routes list of strings."""
    allowed_routes = [f"/route{i}" for i in range(999)]
    # Insert a matching route at the end
    allowed_routes.append("/chat")
    codeflash_output = _allowed_routes_check("/chat", allowed_routes) # 192μs -> 53.5μs (261% faster)
    codeflash_output = _allowed_routes_check("/not_in_list", allowed_routes) # 177μs -> 37.4μs (376% faster)

def test_large_allowed_routes_mixed():
    """Test large allowed_routes with mixed enums and strings."""
    allowed_routes = ["CHAT"] * 333 + [f"/route{i}" for i in range(333)] + ["EMBEDDINGS"] * 333
    # Should match one of the enum values
    codeflash_output = _allowed_routes_check("/chat/completions", allowed_routes) # 178μs -> 37.0μs (383% faster)
    # Should match one of the string values
    codeflash_output = _allowed_routes_check("/route100", allowed_routes) # 74.7μs -> 14.0μs (433% faster)
    # Should not match anything
    codeflash_output = _allowed_routes_check("/not_in_any", allowed_routes) # 170μs -> 29.9μs (468% faster)

def test_large_user_route():
    """Test with a large user_route string."""
    long_route = "/" + "a" * 500
    allowed_routes = [long_route]
    codeflash_output = _allowed_routes_check(long_route, allowed_routes) # 1.39μs -> 1.19μs (16.7% faster)
    codeflash_output = _allowed_routes_check(long_route + "x", allowed_routes) # 693ns -> 759ns (8.70% slower)

def test_large_allowed_routes_with_none_and_invalid():
    """Test large allowed_routes with None and invalid enum names."""
    allowed_routes = [None] * 500 + ["INVALID_ENUM"] * 499 + ["CHAT"]
    codeflash_output = _allowed_routes_check("/chat", allowed_routes) # 173μs -> 31.6μs (449% faster)
    codeflash_output = _allowed_routes_check("/unknown", allowed_routes) # 172μs -> 30.7μs (462% faster)

# ---------------- Miscellaneous Test Cases ----------------



def test_route_allowed_routes_is_set():
    """Test allowed_routes is a set instead of a list."""
    allowed_routes = {"CHAT", "/chat"}
    codeflash_output = _allowed_routes_check("/chat", allowed_routes) # 2.04μs -> 1.85μs (10.6% faster)

def test_route_user_route_is_not_string():
    """Test user_route is not a string (should not match unless direct equality)."""
    codeflash_output = _allowed_routes_check(123, [123, "CHAT"]) # 1.58μs -> 1.40μs (12.8% faster)
    codeflash_output = _allowed_routes_check(456, ["CHAT"]) # 720ns -> 944ns (23.7% slower)

def test_route_allowed_routes_is_tuple():
    """Test allowed_routes is a tuple instead of a list."""
    allowed_routes = ("CHAT", "/chat")
    codeflash_output = _allowed_routes_check("/chat", allowed_routes) # 1.76μs -> 1.53μs (15.4% faster)
# codeflash_output is used to check that the output of the original code is the same as that of the optimized code.

To edit these changes git checkout codeflash/optimize-_allowed_routes_check-mhwuii0q and push.