From 2b3b6ed012992b400bf1f1535cea57b4fcb54530 Mon Sep 17 00:00:00 2001
From: Cam
Date: Thu, 18 Jan 2024 11:14:32 -0600
Subject: [PATCH 1/5] updated password reset requests. Fixes #452
---
 controller/store/password_reset_request.go | 2 +-
 ...17_v0_4_23_password_reset_request_unique.sql | 7 +++++++
 ...17_v0_4_23_password_reset_request_unique.sql | 17 +++++++++++++++++
 3 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
 create mode 100644 controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql
diff --git a/controller/store/password_reset_request.go b/controller/store/password_reset_request.go
index a6a7b60d6..75a1f3e4d 100644
--- a/controller/store/password_reset_request.go
+++ b/controller/store/password_reset_request.go
@@ -17,7 +17,7 @@ type PasswordResetRequest struct {
 }

 func (str *Store) CreatePasswordResetRequest(prr *PasswordResetRequest, tx *sqlx.Tx) (int, error) {
- stmt, err := tx.Prepare("insert into password_reset_requests (account_id, token) values ($1, $2) ON CONFLICT(account_id) DO UPDATE SET token=$2 returning id")
+ stmt, err := tx.Prepare("insert into password_reset_requests (account_id, token) values ($1, $2) returning id")
 if err != nil {
 return 0, errors.Wrap(err, "error preparing password_reset_requests insert statement")
 }
diff --git a/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
new file mode 100644
index 000000000..00b1ec975
--- /dev/null
+++ b/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
@@ -0,0 +1,7 @@
+-- +migrate Up
+
+-- remove the old unique index (users might need multiple password resets)
+ALTER TABLE password_reset_requests DROP CONSTRAINT password_reset_requests_account_id_key;
+
+-- add new constraint which doesnt mind having multiple resets for account ids
+ALTER TABLE password_reset_requests ADD CONSTRAINT password_reset_requests_account_id_key FOREIGN KEY (account_id) REFERENCES accounts (id) on delete cascade;
diff --git a/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql
new file mode 100644
index 000000000..880018f5f
--- /dev/null
+++ b/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql
@@ -0,0 +1,17 @@
+-- +migrate Up
+
+alter table password_reset_requests rename to password_reset_requests_old;
+
+CREATE TABLE password_reset_requests (
+ id integer primary key,
+ token string not null unique,
+ created_at datetime not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+ updated_at datetime not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+ account_id integer not null constraint fk_accounts_password_reset_requests references accounts on delete cascade,
+ deleted boolean not null default(false),
+
+ constraint chk_token check(token <> '')
+);
+
+insert into password_reset_requests select * from password_reset_requests_old;
+drop table password_reset_requests_old;
\ No newline at end of file
From f77404b4db6c4769f60e83348a27f8c3eca53870 Mon Sep 17 00:00:00 2001
From: Cam
Date: Thu, 25 Jan 2024 09:58:55 -0600
Subject: [PATCH 2/5] update casing
---
 .../postgresql/017_v0_4_23_password_reset_request_unique.sql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
index 00b1ec975..120023cf2 100644
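Review bot: The foreign key added by the second `ALTER TABLE` in the PostgreSQL migration reuses the name `password_reset_requests_account_id_key`, the same name as the unique constraint dropped one statement earlier, and `_key` is the suffix PostgreSQL gives unique constraints by default, so the schema will read as if uniqueness on `account_id` were still enforced. A name such as `password_reset_requests_account_id_fkey` describes what the constraint is. If `account_id` already has a foreign key to `accounts` from the original table definition (not visible in this patch), the second statement adds a duplicate and can be left out.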
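Review bot: `insert into password_reset_requests select * from password_reset_requests_old;` near the end of the SQLite migration copies rows by column position, so it is only correct while the old table's column order matches the new `CREATE TABLE` exactly; the old definition is not visible in this patch. SQLite's loose typing means a mismatch would likely not raise an error and could leave tokens or account ids in the wrong column. Listing the columns on both sides removes the dependency: `insert into password_reset_requests (id, token, created_at, updated_at, account_id, deleted) select id, token, created_at, updated_at, account_id, deleted from password_reset_requests_old;`.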
--- a/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
+++ b/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
@@ -4,4 +4,4 @@
 ALTER TABLE password_reset_requests DROP CONSTRAINT password_reset_requests_account_id_key;

 -- add new constraint which doesnt mind having multiple resets for account ids
-ALTER TABLE password_reset_requests ADD CONSTRAINT password_reset_requests_account_id_key FOREIGN KEY (account_id) REFERENCES accounts (id) on delete cascade;
+ALTER TABLE password_reset_requests ADD CONSTRAINT password_reset_requests_account_id_key FOREIGN KEY (account_id) REFERENCES accounts (id) ON DELETE CASCADE;
From 8d51fce2b8d61e3a683522313df64ac388a7a411 Mon Sep 17 00:00:00 2001
From: Cam
Date: Wed, 7 Feb 2024 15:07:43 -0600
Subject: [PATCH 3/5] remove cascading deletes
---
 .../postgresql/017_v0_4_23_password_reset_request_unique.sql | 2 +-
 .../sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
index 120023cf2..9606e67aa 100644
--- a/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
+++ b/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
@@ -4,4 +4,4 @@
 ALTER TABLE password_reset_requests DROP CONSTRAINT password_reset_requests_account_id_key;

 -- add new constraint which doesnt mind having multiple resets for account ids
-ALTER TABLE password_reset_requests ADD CONSTRAINT password_reset_requests_account_id_key FOREIGN KEY (account_id) REFERENCES accounts (id) ON DELETE CASCADE;
+ALTER TABLE password_reset_requests ADD CONSTRAINT password_reset_requests_account_id_key FOREIGN KEY (account_id) REFERENCES accounts (id);
diff --git a/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql
index 880018f5f..0e9850d6e 100644
--- a/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql
+++ b/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql
@@ -7,7 +7,7 @@ CREATE TABLE password_reset_requests (
 token string not null unique,
 created_at datetime not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
 updated_at datetime not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
- account_id integer not null constraint fk_accounts_password_reset_requests references accounts on delete cascade,
+ account_id integer not null constraint fk_accounts_password_reset_requests references accounts,
 deleted boolean not null default(false),

 constraint chk_token check(token <> '')
From d57d72387f890643181c17fff66262ad98fa946f Mon Sep 17 00:00:00 2001
From: Cam
Date: Wed, 14 Feb 2024 13:06:04 -0600
Subject: [PATCH 4/5] few small fixes
---
 CHANGELOG.md | 4 ++++
 controller/store/password_reset_request.go | 17 +++++++++++++++++
 2 files changed, 21 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ee11b0c3e..47a5e4726 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # CHANGELOG

+## v0.4.24
+
+FIX: Updated password reset to handle multiple reset requests.
+
 ## v0.4.23

 CHANGE: Improved OpenZiti resource cleanup resilience. Previous resource cleanup would stop when an error was encountered at any stage of the cleanup process (serps, sps, config, service). New cleanup implementation logs errors but continues to clean up anything that it can (https://github.com/openziti/zrok/issues/533)
diff --git a/controller/store/password_reset_request.go b/controller/store/password_reset_request.go
index 75a1f3e4d..2b14ce5f1 100644
--- a/controller/store/password_reset_request.go
+++ b/controller/store/password_reset_request.go
@@ -7,6 +7,7 @@ import (

 "github.com/jmoiron/sqlx"
 "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
 )

 type PasswordResetRequest struct {
@@ -17,6 +18,10 @@ type PasswordResetRequest struct {
 }

 func (str *Store) CreatePasswordResetRequest(prr *PasswordResetRequest, tx *sqlx.Tx) (int, error) {
+ if err := str.DeletePasswordResetRequestsByAccountId(prr.AccountId, tx); err != nil {
+ logrus.Errorf("unable to delete old password reset requests for account '%v', but continuing: %v", prr.AccountId, err)
+ }
+
 stmt, err := tx.Prepare("insert into password_reset_requests (account_id, token) values ($1, $2) returning id")
 if err != nil {
 return 0, errors.Wrap(err, "error preparing password_reset_requests insert statement")
@@ -98,3 +103,15 @@ func (str *Store) DeleteMultiplePasswordResetRequests(ids []int, tx *sqlx.Tx) er
 }
 return nil
 }
+
+func (str *Store) DeletePasswordResetRequestsByAccountId(accountId int, tx *sqlx.Tx) error {
+ stmt, err := tx.Prepare("update password_reset_requests set updated_at = current_timestamp, deleted = true where account_id = $1")
+ if err != nil {
+ return errors.Wrap(err, "error preparing password_reset_requests delete by account_id statement")
+ }
+ _, err = stmt.Exec(accountId)
+ if err != nil {
+ return errors.Wrap(err, "error executing password_reset_requests delete by account_id statement")
+ }
+ return nil
+}
From 8555439410ed47e43af334ed6329677bf9b1ea1f Mon Sep 17 00:00:00 2001
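Review bot: In `CreatePasswordResetRequest`, the error from `DeletePasswordResetRequestsByAccountId` is logged and then dropped, so when the soft-delete fails a new token is still inserted while the account's earlier tokens stay undeleted. On PostgreSQL a failed statement normally leaves the transaction aborted, so the insert that follows on the same `tx` would be rejected anyway and the `but continuing` message would not match what happens. Returning the error keeps token invalidation fail-closed on both backends: replace the `logrus.Errorf(...)` line with `return 0, errors.Wrap(err, "error deleting old password_reset_requests")`, after which the `logrus` import added in the first hunk is not needed by this change. The function body continues past the end of the hunk.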
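Review bot: The `update` in `DeletePasswordResetRequestsByAccountId` has no filter on `deleted`, so every new reset request rewrites `updated_at` on rows that were already soft-deleted and the time each token was invalidated is lost. Adding the condition keeps that record: `where account_id = $1 and deleted = false`. The function is exported and performs a soft delete rather than removing rows, which the name does not say; a doc comment such as `// DeletePasswordResetRequestsByAccountId marks every password reset request for accountId as deleted.` would make that explicit.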
From: Cam
Date: Wed, 14 Feb 2024 13:51:32 -0600
Subject: [PATCH 5/5] update migration number from merge
---
 ...t_unique.sql => 018_v0_4_23_password_reset_request_unique.sql} | 0
 ...t_unique.sql => 018_v0_4_23_password_reset_request_unique.sql} | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename controller/store/sql/postgresql/{017_v0_4_23_password_reset_request_unique.sql => 018_v0_4_23_password_reset_request_unique.sql} (100%)
 rename controller/store/sql/sqlite3/{017_v0_4_23_password_reset_request_unique.sql => 018_v0_4_23_password_reset_request_unique.sql} (100%)
diff --git a/controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/postgresql/018_v0_4_23_password_reset_request_unique.sql
similarity index 100%
rename from controller/store/sql/postgresql/017_v0_4_23_password_reset_request_unique.sql
rename to controller/store/sql/postgresql/018_v0_4_23_password_reset_request_unique.sql
diff --git a/controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql b/controller/store/sql/sqlite3/018_v0_4_23_password_reset_request_unique.sql
similarity index 100%
rename from controller/store/sql/sqlite3/017_v0_4_23_password_reset_request_unique.sql
rename to controller/store/sql/sqlite3/018_v0_4_23_password_reset_request_unique.sql