marketing-shibata50/tududi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tududi/backend
History
Chris ccce778cb7
fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 
* fix: restore password migration COALESCE and add trust proxy diagnostics

This commit addresses two critical issues affecting user login:

1. Password Migration Fix:
   - Restore COALESCE(password_digest, password) in migration 20260420000004
   - The COALESCE fix from commit d1aa6086 was accidentally reverted
   - Handles both v1.0.0 column naming (password) and current (password_digest)
   - Allows users from v1.0.0 to successfully login after migration

2. Trust Proxy Configuration Improvements:
   - Add startup logging to show trust proxy configuration value
   - Add config parsing logging to diagnose env variable issues
   - Add trust proxy status to /health endpoint
   - Improve error messages for ERR_ERL_UNEXPECTED_X_FORWARDED_FOR
   - Update .env.example with comprehensive trust proxy documentation

3. Diagnostic Tools:
   - Add backend/scripts/diagnose-password-migration.js script
   - Script checks database schema and identifies affected users
   - Provides actionable recovery steps

4. Documentation:
   - Add docs/troubleshooting/migration-issues.md
   - Covers password migration issues and trust proxy configuration
   - Includes Docker-specific troubleshooting steps
   - Provides step-by-step recovery procedures

Files changed:
- backend/migrations/20260420000004-make-password-optional.js (restore COALESCE)
- backend/app.js (add trust proxy logging)
- backend/config/config.js (add config parsing logging)
- backend/shared/middleware/errorHandler.js (better trust proxy errors)
- backend/scripts/diagnose-password-migration.js (new diagnostic tool)
- backend/.env.example (improved trust proxy documentation)
- docs/troubleshooting/migration-issues.md (new troubleshooting guide)

* docs: remove troubleshooting documentation file

* fix: resolve CodeQL false positives in diagnostic script

Rename variables to avoid CodeQL flagging them as sensitive data:
- hasPassword -> passwordColumnExists
- hasPasswordDigest -> passwordDigestColumnExists
- users_with_password -> count_with_digest
- users_without_password -> count_without_digest

These variables only contain booleans and counts, not actual password data.
2026-04-23 01:03:19 +03:00
..
cmd Fix isEmail validation failure on valid emails during Docker setup (#835) 2026-02-11 15:42:11 +02:00
config fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 2026-04-23 01:03:19 +03:00
docs/swagger Update swagger (#906) 2026-03-04 18:47:48 +02:00
middleware fix: add CSRF token support to frontend requests (#1025) 2026-04-14 15:06:56 +03:00
migrations fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 2026-04-23 01:03:19 +03:00
models feat(caldav): Add CalDAV Synchronization Support (Issue #978) (#1030) 2026-04-17 17:40:39 +03:00
modules fix(notifications): Add missing test notification endpoint (Issue #1002) (#1047) 2026-04-18 17:51:27 +03:00
scripts fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 2026-04-23 01:03:19 +03:00
seeders Fix bug 366 (#764) 2026-01-07 18:18:07 +02:00
services Fix bug 366 (#764) 2026-01-07 18:18:07 +02:00
shared fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 2026-04-23 01:03:19 +03:00
tests fix(today-settings): add missing CSRF token to today settings PUT request (#1044) 2026-04-20 13:05:03 +03:00
utils feat(caldav): Add CalDAV Synchronization Support (Issue #978) (#1030) 2026-04-17 17:40:39 +03:00
.env.example fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 2026-04-23 01:03:19 +03:00
.env.test Feat: habits (#707) 2025-12-13 08:47:52 +02:00
.prettierignore Add 'dist' paths to git & prettier ignore. 2025-07-22 11:45:14 +03:00
.prettierrc.json Linting cleanup (#99) 2025-07-01 11:40:09 +03:00
.sequelizerc Express migration (#80) 2025-06-16 21:50:44 +03:00
app.js fix: restore password migration COALESCE and add trust proxy diagnostics (#1057) 2026-04-23 01:03:19 +03:00
database.sqlite Fix bug 619 (#629) 2025-12-02 18:00:36 +02:00
eslint.config.js Sorting fixes (#174) 2025-07-17 17:43:56 +03:00
jest.config.js Fix E2E test breakage (#380) 2025-10-05 16:04:46 +03:00