Delete users who didn't complete setup on upgrade

Users who started the "Enable two-factor" process, but never confirmed their setup were stored in the database under the previous format. After Ife5f1bae4ad65b66c5e20017cc43c0576b4aba19, we no longer look at the is_validated column to see if the user confirmed their 2fa setup, and instead only store users in the table who have confirmed. Delete these users from the table when updating the table format. Bug: T130892 Change-Id: I54a706043b44db50344d138207b472c35d00724e
2024-09-24 19:00:05 +00:00 · 2016-04-06 08:54:29 -07:00 · 2016-04-06 08:54:29 -07:00 · e79fd8ebc5
parent fc54f3cd6e
commit e79fd8ebc5
1 changed files with 9 additions and 1 deletions
--- a/OATHAuth.hooks.php
+++ b/OATHAuth.hooks.php
@ -209,7 +209,12 @@ class OATHAuthHooks {
 			return true;
 		}

-		$res = $db->select( 'oathauth_users', array( 'id', 'scratch_tokens' ), '', __METHOD__ );
+		$res = $db->select(
+			'oathauth_users',
+			array( 'id', 'scratch_tokens' ),
+			array( 'is_validated != 0' ),
+			__METHOD__
+		);

 		foreach ( $res as $row ) {
 			$scratchTokens = unserialize( base64_decode( $row->scratch_tokens ) );
@ -223,6 +228,9 @@ class OATHAuthHooks {
 			}
 		}

+		// Remove rows from the table where user never completed the setup process
+		$db->delete( 'oathauth_users', array( 'is_validated' => 0 ), __METHOD__ );
+
 		return true;
 	}
 }