ozten · August 18, 2012 03:03
diff --git a/brian warner email.txt b/brian warner email.txt
 Hi folks.. I'm pretty sure everyone involved in Persona ops already
 knows about this, but I figured I'd send it to services-ops just to be
 completely sure.

 My "expire-session" changes[1] finally landed on the master "dev" branch
 last friday (10-Aug-2012)[2], and are scheduled to be included in the
 branch we'll cut next friday (train-2012.08.17, I think), which should
 turn into our Beta1 offering.

 This feature includes a schema change, which adds a `lastPasswordReset`
 field to the `user` table.

 Please execute the following to migrate the database up:

  "ALTER TABLE user ADD COLUMN lastPasswordReset TIMESTAMP DEFAULT 0 NOT NULL;"

 Please execute the following to rollback the release:

  "ALTER TABLE user DROP COLUMN lastPasswordReset;"

 For reference, creating a fresh database, that would be:

 "CREATE TABLE IF NOT EXISTS user (" +
   "id BIGINT AUTO_INCREMENT PRIMARY KEY," +
   "passwd CHAR(64)," +
   "lastPasswordReset TIMESTAMP DEFAULT 0 NOT NULL" +
   ") ENGINE=InnoDB;",

 The expire-session feature records this timestamp in the encrypted
 session cookie, and expires all sessions when the user changes their
 password (causing the cookie's copy to not match the DB).

 The code that references this field is designed to skip the comparison
 when the DB contains a 0, so pre-existing sessions are not gratuitiously
 expired the moment the new code gets deployed. Therefore the "DEFAULT 0"
 clause should make it unnecessary to modify all rows when the schema is
 updated: simply adding the new column should be sufficient.

 The new schema and the code which references it (in lib/db/mysql.js) has
 been reviewed favorably by atoll.. many thanks!

 I don't know exactly when this code will be deployed to staging/prod
 environments, but when it does, their databases will need to be
 upgraded. We checked and found no occurrences of "SELECT *" or anything
 else which would be broken by adding columns, so I believe it should be
 safe to add the columns before the code is upgraded.

 Please let me know if there's anything I can do to help out!

 cheers,
 -Brian


 [1]: PR-2026: https://github.com/mozilla/browserid/pull/2026
 [2]: in revision c7fb7ee5ea92901eff8b2e20d6a0bf36bf272689
	Hi folks.. I'm pretty sure everyone involved in Persona ops already
	knows about this, but I figured I'd send it to services-ops just to be
	completely sure.

	My "expire-session" changes[1] finally landed on the master "dev" branch
	last friday (10-Aug-2012)[2], and are scheduled to be included in the
	branch we'll cut next friday (train-2012.08.17, I think), which should
	turn into our Beta1 offering.

	This feature includes a schema change, which adds a `lastPasswordReset`
	field to the `user` table.

	Please execute the following to migrate the database up:

	"ALTER TABLE user ADD COLUMN lastPasswordReset TIMESTAMP DEFAULT 0 NOT NULL;"

	Please execute the following to rollback the release:

	"ALTER TABLE user DROP COLUMN lastPasswordReset;"

	For reference, creating a fresh database, that would be:

	"CREATE TABLE IF NOT EXISTS user (" +
	"id BIGINT AUTO_INCREMENT PRIMARY KEY," +
	"passwd CHAR(64)," +
	"lastPasswordReset TIMESTAMP DEFAULT 0 NOT NULL" +
	") ENGINE=InnoDB;",

	The expire-session feature records this timestamp in the encrypted
	session cookie, and expires all sessions when the user changes their
	password (causing the cookie's copy to not match the DB).

	The code that references this field is designed to skip the comparison
	when the DB contains a 0, so pre-existing sessions are not gratuitiously
	expired the moment the new code gets deployed. Therefore the "DEFAULT 0"
	clause should make it unnecessary to modify all rows when the schema is
	updated: simply adding the new column should be sufficient.

	The new schema and the code which references it (in lib/db/mysql.js) has
	been reviewed favorably by atoll.. many thanks!

	I don't know exactly when this code will be deployed to staging/prod
	environments, but when it does, their databases will need to be
	upgraded. We checked and found no occurrences of "SELECT *" or anything
	else which would be broken by adding columns, so I believe it should be
	safe to add the columns before the code is upgraded.

	Please let me know if there's anything I can do to help out!

	cheers,
	-Brian


	[1]: PR-2026: https://github.com/mozilla/browserid/pull/2026
	[2]: in revision c7fb7ee5ea92901eff8b2e20d6a0bf36bf272689