Add performance metric

jeffrey-cordero · jeffrey-cordero · commit 79b5e40c44fe · 2025-08-04T11:26:52.000-04:00
diff --git a/_docs/developer/rensselaer_center_for_open_source/2025_Jeffrey_Cordero.md b/_docs/developer/rensselaer_center_for_open_source/2025_Jeffrey_Cordero.md
@@ -11,7 +11,7 @@ Beyond implementation work, I gained valuable experience in collaborative develo
 
 I addressed a critical security flaw in the platform's WebSocket server by implementing a token-based authorization system ([#11634](https://github.com/Submitty/Submitty/pull/11634)). Previously, any user with a direct URL and valid login credentials could access any WebSocket page, posing a considerable risk for real-time student-instructor communications.
 
-To resolve this, I designed a JSON Web Token (JWT)–based authorization layer, where the web server now generates short-lived, multi-use tokens scoped to specific pages. Each token ensures that WebSocket connections are established by authorized users, with permissions managed using a sliding window mechanism to handle expired pages.
+To resolve this, I designed a JSON Web Token (JWT)–based authorization layer, where the web server now generates short-lived, multi-use tokens scoped to specific pages. Each token ensures that WebSocket connections are established by authorized users, with permissions managed using a sliding window mechanism to handle expired pages. This approach cut the average WebSocket connection authentication time by approximately 90%.
 
 ```json
 {

Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@ Beyond implementation work, I gained valuable experience in collaborative develo`
`11`	`11`
`12`	`12`	`I addressed a critical security flaw in the platform's WebSocket server by implementing a token-based authorization system ([#11634](https://github.com/Submitty/Submitty/pull/11634)). Previously, any user with a direct URL and valid login credentials could access any WebSocket page, posing a considerable risk for real-time student-instructor communications.`
`13`	`13`
`14`		`-To resolve this, I designed a JSON Web Token (JWT)–based authorization layer, where the web server now generates short-lived, multi-use tokens scoped to specific pages. Each token ensures that WebSocket connections are established by authorized users, with permissions managed using a sliding window mechanism to handle expired pages.`
	`14`	`+To resolve this, I designed a JSON Web Token (JWT)–based authorization layer, where the web server now generates short-lived, multi-use tokens scoped to specific pages. Each token ensures that WebSocket connections are established by authorized users, with permissions managed using a sliding window mechanism to handle expired pages. This approach cut the average WebSocket connection authentication time by approximately 90%.`
`15`	`15`
`16`	`16`	```json
`17`	`17`	`{`