48 lines
1.9 KiB
SQL
48 lines
1.9 KiB
SQL
-- Migration to cleanup refresh_tokens table
|
|
-- Remove legacy column 'token' which caused NULL constraint violations
|
|
-- Ensure correct constraints on token_hash
|
|
-- This migration runs AFTER 010_auth_and_users.sql which creates the refresh_tokens table
|
|
|
|
|
|
-- Check if the table exists before attempting to alter it
|
|
DO $$
|
|
BEGIN
|
|
-- Only proceed if the refresh_tokens table exists
|
|
IF EXISTS (
|
|
SELECT 1 FROM information_schema.tables
|
|
WHERE table_schema = 'public'
|
|
AND table_name = 'refresh_tokens'
|
|
) THEN
|
|
-- 1. Remove the legacy 'token' column which is no longer used by the application
|
|
-- The application now uses 'token_hash' for secure storage
|
|
ALTER TABLE refresh_tokens DROP COLUMN IF EXISTS token;
|
|
|
|
-- 2. Ensure token_hash has the correct constraints
|
|
-- It should be NOT NULL and UNIQUE to prevent duplicates and ensure integrity
|
|
-- Only set NOT NULL if the column exists and doesn't already have the constraint
|
|
IF EXISTS (
|
|
SELECT 1 FROM information_schema.columns
|
|
WHERE table_schema = 'public'
|
|
AND table_name = 'refresh_tokens'
|
|
AND column_name = 'token_hash'
|
|
) THEN
|
|
-- Check if column is already NOT NULL
|
|
IF EXISTS (
|
|
SELECT 1 FROM information_schema.columns
|
|
WHERE table_schema = 'public'
|
|
AND table_name = 'refresh_tokens'
|
|
AND column_name = 'token_hash'
|
|
AND is_nullable = 'YES'
|
|
) THEN
|
|
ALTER TABLE refresh_tokens ALTER COLUMN token_hash SET NOT NULL;
|
|
END IF;
|
|
END IF;
|
|
|
|
-- 3. Add comment to clarify the column usage
|
|
COMMENT ON COLUMN refresh_tokens.token_hash IS 'SHA-256 hash of the refresh token. The raw token is never stored.';
|
|
ELSE
|
|
RAISE NOTICE 'Table refresh_tokens does not exist yet. Skipping cleanup migration.';
|
|
END IF;
|
|
END $$;
|
|
|
|
|