Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Making the verification and password reset token unqiue #15488

Merged
merged 5 commits into from Nov 9, 2023
Merged

Making the verification and password reset token unqiue #15488

merged 5 commits into from Nov 9, 2023

Conversation

mamazu
Copy link
Member

@mamazu mamazu commented Nov 2, 2023
edited

Q A
Branch? 1.13
Bug fix? performance fix
New feature? no
BC breaks? no
Deprecations? no
Related tickets -
License MIT

The problem

Currently we have a user database of about 1 million users and we noticed that resetting your password is rather slow. It turns out that there isn't any index on neither the password reset nor the verification token.

The solution

The simplest solution would be to add an index to those fields and call it a day. But we can do even better. We know that those tokens are unique. Because all throughout the Sylius application those fields are queried with the findOneBy which crashes on result sets bigger than one. So adding a unique constraint should not break backwards compatibility (except for already broken entries).

What still needs to be done

I still need to generate a migration that actually adds those indices to the database. I will do that when the base idea of the PR is accepted.

@mamazu mamazu requested a review from a team as a code owner November 2, 2023 00:24
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 2, 2023
edited

Bunnyshell Preview Environment deleted

Available commands:

  • /bns:deploy to redeploy the environment

@mamazu mamazu force-pushed the index_on_password_reset_token branch from 21f87a7 to 052a759 Compare November 3, 2023 00:43
diimpp
diimpp reviewed Nov 3, 2023
View reviewed changes
Copy link
Member

@diimpp diimpp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apparently unique index on nullable field is a sort of grey zone, but which works for mysql. Is it confirmed to work with postgresql as well?

https://dba-presents.com/databases/mysql/274-mysql-unique-index-with-null-values

src/Sylius/Bundle/CoreBundle/Migrations/Version20231103004216.php Outdated Show resolved Hide resolved
src/Sylius/Bundle/CoreBundle/Migrations/Version20231103004216.php Outdated Show resolved Hide resolved
src/Sylius/Bundle/CoreBundle/Migrations/Version20231103004216.php Outdated Show resolved Hide resolved
src/Sylius/Bundle/CoreBundle/Migrations/Version20231103004216.php Outdated Show resolved Hide resolved
src/Sylius/Bundle/UserBundle/Resources/config/doctrine/model/User.orm.xml Outdated Show resolved Hide resolved
@NoResponseMate NoResponseMate merged commit f699fe0 into Sylius:1.13 Nov 9, 2023
25 checks passed
@NoResponseMate
Copy link
Contributor

Thank you, @mamazu!

@mamazu mamazu deleted the index_on_password_reset_token branch November 9, 2023 14:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@diimpp diimpp diimpp approved these changes

@NoResponseMate NoResponseMate NoResponseMate approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mamazu @NoResponseMate @diimpp