feat: LEGACY mode fallbacks for phase 2 migration#317
Open
porcellus wants to merge 10 commits intofeat/isolation-reservation-table-migrationfrom
Open
feat: LEGACY mode fallbacks for phase 2 migration#317porcellus wants to merge 10 commits intofeat/isolation-reservation-table-migrationfrom
porcellus wants to merge 10 commits intofeat/isolation-reservation-table-migrationfrom
Conversation
Config property with validation in validateAndNormalise(), accessor getMigrationMode() defaulting to LEGACY. Supports env var SUPERTOKENS_MIGRATION_MODE. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add _legacy/_new variants for all migrated read methods with dispatch based on Config.getMigrationMode().readsFromNewTables(). Files modified: - EmailPasswordQueries: getPrimaryUserIdUsingEmail - PasswordlessQueries: getPrimaryUserIdUsingEmail, getPrimaryUserByPhoneNumber, getUserInfosWithTenant_Transaction - ThirdPartyQueries: getUserIdByThirdPartyInfo, getPrimaryUserIdUsingEmail - WebAuthNQueries: getPrimaryUserIdForTenantUsingEmail_Transaction, getPrimaryUserIdForAppUsingEmail_Transaction, getPrimaryUserIdsUsingEmails_Transaction - GeneralQueries: getUsersCount (x2), doesUserIdExist (tenant), getUsers, getPrimaryUserInfoForUserIds, checkIfUsesAccountLinking - SessionQueries: getSessionInfo_Transaction, getSession Legacy variants restored from master branch. AccountInfoQueries and ActiveUsersQueries unchanged (new-only or not migrated). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Wrap deprecated table writes with mode.writesToOldTables() and reservation table writes with mode.writesToNewTables(). app_id_to_user_id and recipe-specific tables always written. EmailPasswordQueries: signUp, importUsers, deleteUser, updateEmail, addUserIdToTenant, removeUserIdFromTenant PasswordlessQueries: createUser, importUsers, deleteUser, updateEmail, updatePhoneNumber, addUserIdToTenant, removeUserIdFromTenant ThirdPartyQueries: signUp, importUser, deleteUser, addUserIdToTenant, removeUserIdFromTenant WebAuthNQueries: createUser, updateUserEmail GeneralQueries: makePrimaryUser, linkAccounts, unlinkAccounts, updateTimeJoinedForPrimaryUser (+ batched variants) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…(Ticket 16) Guard all reservation table writes in Start.java with writesToNewTables(). In LEGACY mode, skip AccountInfoQueries calls and fall through to old-table-only behavior for makePrimaryUser and linkAccounts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…Y mode In LEGACY mode, recipe_user_account_infos is empty, so the subquery to get primary_user_id returns NULL. Use the primaryUserId parameter directly instead. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…Y mode In LEGACY mode, recipe_user_account_infos is empty, so the subquery to get primary_user_id returns NULL. Use the primaryUserId parameter directly instead. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…t 17) In LEGACY mode, these methods call per-recipe query methods (EP, PL, TP, WebAuthn) instead of the unified AccountInfoQueries. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The legacy query incorrectly referenced thirdparty_user_to_tenant.email which doesn't exist. Fixed to use thirdparty_users.email with a 3-way join (thirdparty_users + all_auth_recipe_users + thirdparty_user_to_tenant). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Multiple query paths were unconditionally reading from new tables (recipe_user_tenants, recipe_user_account_infos, primary_user_tenants) which are empty in LEGACY migration mode. This caused: - Infinite loops in signInUpHelper (empty tenant IDs → retry forever) - WrongCredentialsException on sign-in (users not found by email) - Missing email conflict checks on email/password/phone updates - Missing account linking conflict detection (checkIfLoginMethodCanBecomePrimary, checkIfLoginMethodsCanBeLinked) - Missing tenant association conflict detection (addTenantIdToPrimaryUser) - Missing bulk import conflict detection (reservePrimaryUserAccountInfos) Key changes: - getTenantIdsForUserIds: read from all_auth_recipe_users in LEGACY mode - getPrimaryUserInfoForUserIds_Transaction: JOIN on old table for tenant IDs - listPrimaryUsersByThirdPartyInfo: use thirdparty_users table in LEGACY mode - updateUsersEmail_Transaction (EP/TP/PL/WebAuthn): add legacy email conflict check - checkIfLoginMethodCanBecomePrimary: full legacy implementation using old tables - checkIfLoginMethodsCanBeLinked: full legacy implementation with tenant overlap checks - makePrimaryUser_Transaction: legacy conflict detection and already-primary check - linkAccounts_Transaction: legacy conflict detection with resolved primary user ID - addTenantIdToPrimaryUser_Transaction: legacy email/phone/TP conflict check - reservePrimaryUserAccountInfos_Transaction: legacy conflict detection for bulk import - deleteDevicesByPhoneNumber/Email_Transaction: use old table for tenant subquery - ConnectionPool: add socketTimeout=60 for JDBC connections - New helper methods: listPrimaryUsersByEmail_legacy_forApp, listPrimaryUsersByPhoneNumber_legacy_forApp, listPrimaryUserIdsByThirdPartyInfo_legacy Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ation In LEGACY mode (without reservation tables), detect duplicate account infos within the same batch of PrimaryUsers before checking against existing users in old tables. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
migration_modeconfig property (Ticket 15) defaulting to LEGACYcheckIfLoginMethodCanBecomePrimary,checkIfLoginMethodsCanBeLinked,makePrimaryUser,linkAccounts)addTenantIdToPrimaryUserandreservePrimaryUserAccountInfos(bulk import)socketTimeout=60for JDBC connectionslistPrimaryUsersByEmail_legacy_forApp,listPrimaryUsersByPhoneNumber_legacy_forApp,listPrimaryUserIdsByThirdPartyInfo_legacyTest plan
🤖 Generated with Claude Code