tududi

History

Chris ccce778cb7 fix: restore password migration COALESCE and add trust proxy diagnostics (#1057 ) * fix: restore password migration COALESCE and add trust proxy diagnostics This commit addresses two critical issues affecting user login: 1. Password Migration Fix: - Restore COALESCE(password_digest, password) in migration 20260420000004 - The COALESCE fix from commit d1aa6086 was accidentally reverted - Handles both v1.0.0 column naming (password) and current (password_digest) - Allows users from v1.0.0 to successfully login after migration 2. Trust Proxy Configuration Improvements: - Add startup logging to show trust proxy configuration value - Add config parsing logging to diagnose env variable issues - Add trust proxy status to /health endpoint - Improve error messages for ERR_ERL_UNEXPECTED_X_FORWARDED_FOR - Update .env.example with comprehensive trust proxy documentation 3. Diagnostic Tools: - Add backend/scripts/diagnose-password-migration.js script - Script checks database schema and identifies affected users - Provides actionable recovery steps 4. Documentation: - Add docs/troubleshooting/migration-issues.md - Covers password migration issues and trust proxy configuration - Includes Docker-specific troubleshooting steps - Provides step-by-step recovery procedures Files changed: - backend/migrations/20260420000004-make-password-optional.js (restore COALESCE) - backend/app.js (add trust proxy logging) - backend/config/config.js (add config parsing logging) - backend/shared/middleware/errorHandler.js (better trust proxy errors) - backend/scripts/diagnose-password-migration.js (new diagnostic tool) - backend/.env.example (improved trust proxy documentation) - docs/troubleshooting/migration-issues.md (new troubleshooting guide) * docs: remove troubleshooting documentation file * fix: resolve CodeQL false positives in diagnostic script Rename variables to avoid CodeQL flagging them as sensitive data: - hasPassword -> passwordColumnExists - hasPasswordDigest -> passwordDigestColumnExists - users_with_password -> count_with_digest - users_without_password -> count_without_digest These variables only contain booleans and counts, not actual password data.	2026-04-23 01:03:19 +03:00
..
errorHandler.js	fix: restore password migration COALESCE and add trust proxy diagnostics (#1057 )	2026-04-23 01:03:19 +03:00

fix: restore password migration COALESCE and add trust proxy diagnostics (#1057 )

* fix: restore password migration COALESCE and add trust proxy diagnostics

This commit addresses two critical issues affecting user login:

1. Password Migration Fix:
   - Restore COALESCE(password_digest, password) in migration 20260420000004
   - The COALESCE fix from commit d1aa6086 was accidentally reverted
   - Handles both v1.0.0 column naming (password) and current (password_digest)
   - Allows users from v1.0.0 to successfully login after migration

2. Trust Proxy Configuration Improvements:
   - Add startup logging to show trust proxy configuration value
   - Add config parsing logging to diagnose env variable issues
   - Add trust proxy status to /health endpoint
   - Improve error messages for ERR_ERL_UNEXPECTED_X_FORWARDED_FOR
   - Update .env.example with comprehensive trust proxy documentation

3. Diagnostic Tools:
   - Add backend/scripts/diagnose-password-migration.js script
   - Script checks database schema and identifies affected users
   - Provides actionable recovery steps

4. Documentation:
   - Add docs/troubleshooting/migration-issues.md
   - Covers password migration issues and trust proxy configuration
   - Includes Docker-specific troubleshooting steps
   - Provides step-by-step recovery procedures

Files changed:
- backend/migrations/20260420000004-make-password-optional.js (restore COALESCE)
- backend/app.js (add trust proxy logging)
- backend/config/config.js (add config parsing logging)
- backend/shared/middleware/errorHandler.js (better trust proxy errors)
- backend/scripts/diagnose-password-migration.js (new diagnostic tool)
- backend/.env.example (improved trust proxy documentation)
- docs/troubleshooting/migration-issues.md (new troubleshooting guide)

* docs: remove troubleshooting documentation file

* fix: resolve CodeQL false positives in diagnostic script

Rename variables to avoid CodeQL flagging them as sensitive data:
- hasPassword -> passwordColumnExists
- hasPasswordDigest -> passwordDigestColumnExists
- users_with_password -> count_with_digest
- users_without_password -> count_without_digest

These variables only contain booleans and counts, not actual password data.

2026-04-23 01:03:19 +03:00

errorHandler.js

fix: restore password migration COALESCE and add trust proxy diagnostics (#1057 )

2026-04-23 01:03:19 +03:00