marketing-shibata50/tududi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tududi/backend/config
History
Chris ccce778cb7
fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 
* fix: restore password migration COALESCE and add trust proxy diagnostics

This commit addresses two critical issues affecting user login:

1. Password Migration Fix:
   - Restore COALESCE(password_digest, password) in migration 20260420000004
   - The COALESCE fix from commit d1aa6086 was accidentally reverted
   - Handles both v1.0.0 column naming (password) and current (password_digest)
   - Allows users from v1.0.0 to successfully login after migration

2. Trust Proxy Configuration Improvements:
   - Add startup logging to show trust proxy configuration value
   - Add config parsing logging to diagnose env variable issues
   - Add trust proxy status to /health endpoint
   - Improve error messages for ERR_ERL_UNEXPECTED_X_FORWARDED_FOR
   - Update .env.example with comprehensive trust proxy documentation

3. Diagnostic Tools:
   - Add backend/scripts/diagnose-password-migration.js script
   - Script checks database schema and identifies affected users
   - Provides actionable recovery steps

4. Documentation:
   - Add docs/troubleshooting/migration-issues.md
   - Covers password migration issues and trust proxy configuration
   - Includes Docker-specific troubleshooting steps
   - Provides step-by-step recovery procedures

Files changed:
- backend/migrations/20260420000004-make-password-optional.js (restore COALESCE)
- backend/app.js (add trust proxy logging)
- backend/config/config.js (add config parsing logging)
- backend/shared/middleware/errorHandler.js (better trust proxy errors)
- backend/scripts/diagnose-password-migration.js (new diagnostic tool)
- backend/.env.example (improved trust proxy documentation)
- docs/troubleshooting/migration-issues.md (new troubleshooting guide)

* docs: remove troubleshooting documentation file

* fix: resolve CodeQL false positives in diagnostic script

Rename variables to avoid CodeQL flagging them as sensitive data:
- hasPassword -> passwordColumnExists
- hasPasswordDigest -> passwordDigestColumnExists
- users_with_password -> count_with_digest
- users_without_password -> count_without_digest

These variables only contain booleans and counts, not actual password data.
2026-04-23 01:03:19 +03:00
..
authConfig.js feat(caldav): Add CalDAV Synchronization Support (Issue #978) (#1030) 2026-04-17 17:40:39 +03:00
config.js fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 2026-04-23 01:03:19 +03:00
database.js Parallelize test running (#166) 2025-07-16 13:27:57 +03:00
quotes.yml Linting cleanup (#99) 2025-07-01 11:40:09 +03:00
swagger.js Fix swagger mistake (#827) 2026-02-07 23:25:30 +02:00