Fix login on legacy DBs: drop NOT NULL phone/email from verification_codes
Old prod DBs had verification_codes.phone (or email) as NOT NULL with no default, so inserting a code via identifier-only failed silently — users received an emailed code that was never stored, and verify always said "Invalid or expired code." Drop the legacy columns in a migration and stop swallowing the CreateVerificationCode error. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
@@ -101,11 +101,15 @@ func (s *Server) handleLoginSubmit(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
code := generateCode()
|
||||
expiresAt := time.Now().UTC().Add(10 * time.Minute)
|
||||
s.q.CreateVerificationCode(r.Context(), db.CreateVerificationCodeParams{
|
||||
if err := s.q.CreateVerificationCode(r.Context(), db.CreateVerificationCodeParams{
|
||||
Identifier: identifier,
|
||||
Code: code,
|
||||
ExpiresAt: expiresAt,
|
||||
})
|
||||
}); err != nil {
|
||||
log.Printf("failed to store verification code for %s: %v", identifier, err)
|
||||
http.Error(w, "Internal error", 500)
|
||||
return
|
||||
}
|
||||
|
||||
if err := sendVerificationEmail(identifier, code); err != nil {
|
||||
log.Printf("failed to send verification email to %s: %v", identifier, err)
|
||||
|
||||
Reference in New Issue
Block a user