From 2b3b6ed012992b400bf1f1535cea57b4fcb54530 Mon Sep 17 00:00:00 2001 From: Cam Date: Thu, 18 Jan 2024 11:14:32 -0600 Subject: [PATCH] updated password reset requests. Fixes #452 --- controller/store/password_reset_request.go | 2 +- ...17_v0_4_23_password_reset_request_unique.sql | 7 +++++++ ...17_v0_4_23_password_reset_request_unique.sql | 17 +++++++++++++++++ 3 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql create mode 100644 controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql diff --git a/controller/store/password_reset_request.go b/controller/store/password_reset_request.go index a6a7b60d..75a1f3e4 100644 --- a/controller/store/password_reset_request.go +++ b/controller/store/password_reset_request.go @@ -17,7 +17,7 @@ type PasswordResetRequest struct { } func (str *Store) CreatePasswordResetRequest(prr *PasswordResetRequest, tx *sqlx.Tx) (int, error) { - stmt, err := tx.Prepare("insert into password_reset_requests (account_id, token) values ($1, $2) ON CONFLICT(account_id) DO UPDATE SET token=$2 returning id") + stmt, err := tx.Prepare("insert into password_reset_requests (account_id, token) values ($1, $2) returning id") if err != nil { return 0, errors.Wrap(err, "error preparing password_reset_requests insert statement") } diff --git a/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql new file mode 100644 index 00000000..00b1ec97 --- /dev/null +++ b/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql @@ -0,0 +1,7 @@ +-- +migrate Up + +-- remove the old unique index (users might need multiple password resets) +ALTER TABLE password_reset_requests DROP CONSTRAINT password_reset_requests_account_id_key; + +-- add new constraint which doesnt mind having multiple resets for account ids +ALTER TABLE password_reset_requests ADD CONSTRAINT password_reset_requests_account_id_key FOREIGN KEY (account_id) REFERENCES accounts (id) on delete cascade; diff --git a/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql new file mode 100644 index 00000000..880018f5 --- /dev/null +++ b/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql @@ -0,0 +1,17 @@ +-- +migrate Up + +alter table password_reset_requests rename to password_reset_requests_old; + +CREATE TABLE password_reset_requests ( + id integer primary key, + token string not null unique, + created_at datetime not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')), + updated_at datetime not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')), + account_id integer not null constraint fk_accounts_password_reset_requests references accounts on delete cascade, + deleted boolean not null default(false), + + constraint chk_token check(token <> '') +); + +insert into password_reset_requests select * from password_reset_requests_old; +drop table password_reset_requests_old; \ No newline at end of file