Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clean up other email tokens #1572

Merged
merged 21 commits into from
Sep 28, 2023
Merged

Clean up other email tokens #1572

merged 21 commits into from
Sep 28, 2023

Conversation

dholms
Copy link
Collaborator

@dholms dholms commented Sep 9, 2023

Optional addition on top of #1568

Move account delete & password reset tokens to the new email_token table & logic.

This cleans up the routes substantially, removes password reset state from the user_account table and gets some of this sensitive logic all co-located.

The migration is a little bit tricky here because we'll end up breaking some folks' deletes/password resets. But it will just be for a short time and it might be worth it. We can do it in off-peak hours to mitigate the impact

@dholms dholms changed the title impl Clean up other email tokens Sep 9, 2023
Comment on lines 15 to 16
// for lookups where we don't know the did
await db.schema.createIndex('email_token_token_idx').on('token').execute()
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This may need to be unique when paired with purpose to ensure two dids don't end-up with the same token. I believe the passwordResetToken column dropped below did have this uniqueness constraint on it for that purpose.

(Relatedly, I forget if that index/unique-constraint automatically gets dropped when the column is dropped. If so, I wonder if the DROP INDEX is not done CONCURRENTLY and can cause table locking.)

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

took care of this in a previous PR with a unique index on (purpose, token) 👍

Copy link
Collaborator

@devinivy devinivy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Worth taking a peek at that one comment re: indexing by token, but by and large this looks great and feels real nice to have cleaned-up.

Base automatically changed from email-confirmation to main September 27, 2023 21:09
@dholms dholms merged commit 11e3b32 into main Sep 28, 2023
10 checks passed
@dholms dholms deleted the other-email-tokens branch September 28, 2023 18:25
mloar pushed a commit to mloar/atproto that referenced this pull request Nov 15, 2023
* lexicons

* codegen

* email templates

* request routes

* impl

* migration

* tidy

* tests

* tidy & bugfixes

* format

* fix api test

* fix auth test

* impl

* update constraint name

* temporarily disable unconfirmed updates

* tidy

* fix some tests

* validate email syntax
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants