mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth
synced 2024-09-24 19:00:05 +00:00
Delete users who didn't complete setup on upgrade
Users who started the "Enable two-factor" process, but never confirmed their setup were stored in the database under the previous format. After Ife5f1bae4ad65b66c5e20017cc43c0576b4aba19, we no longer look at the is_validated column to see if the user confirmed their 2fa setup, and instead only store users in the table who have confirmed. Delete these users from the table when updating the table format. Bug: T130892 Change-Id: I54a706043b44db50344d138207b472c35d00724e
This commit is contained in:
parent
fc54f3cd6e
commit
e79fd8ebc5
|
@ -209,7 +209,12 @@ class OATHAuthHooks {
|
|||
return true;
|
||||
}
|
||||
|
||||
$res = $db->select( 'oathauth_users', array( 'id', 'scratch_tokens' ), '', __METHOD__ );
|
||||
$res = $db->select(
|
||||
'oathauth_users',
|
||||
array( 'id', 'scratch_tokens' ),
|
||||
array( 'is_validated != 0' ),
|
||||
__METHOD__
|
||||
);
|
||||
|
||||
foreach ( $res as $row ) {
|
||||
$scratchTokens = unserialize( base64_decode( $row->scratch_tokens ) );
|
||||
|
@ -223,6 +228,9 @@ class OATHAuthHooks {
|
|||
}
|
||||
}
|
||||
|
||||
// Remove rows from the table where user never completed the setup process
|
||||
$db->delete( 'oathauth_users', array( 'is_validated' => 0 ), __METHOD__ );
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue