akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

fix: enforce unique provider+subject constraint and harden sync route

Browse Source 
- Change providerSubjectIdx from index to uniqueIndex in schema.ts to
  prevent multiple users sharing the same (provider, subject) pair,
  which caused non-deterministic sign-in resolution via findFirst.
- Add migration 0008_unique_provider_subject.sql: DROP the existing
  non-unique index and CREATE UNIQUE INDEX in its place.
- Validate INSTANCE_SYNC_MAX_BYTES env var in sync route: fall back to
  10 MB default when the value is non-numeric (e.g. 'off') or
  non-positive, preventing NaN comparisons that silently disabled the
  size limit.
- Return a generic error message to callers on applySyncPayload /
  applyCaddyConfig failure instead of leaking the raw error string;
  the original message is still stored internally via setSlaveLastSync.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
fuomag9
2026-02-25 18:41:12 +01:00
parent cb3c0a1536
commit 66ad3e9431
4 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/lib/db/schema.ts
View File

@@ -17,7 +17,7 @@ export const users = sqliteTable(
},
(table) => ({
emailUnique: uniqueIndex("users_email_unique").on(table.email),
providerSubjectIdx: index("users_provider_subject_idx").on(table.provider, table.subject)
providerSubjectIdx: uniqueIndex("users_provider_subject_idx").on(table.provider, table.subject)
})
);