From 0296cf9c512cd24fe382e6e091c7d7bdae3e4927 Mon Sep 17 00:00:00 2001 From: Draco-Lunaris-Echo Date: Fri, 5 Jun 2026 21:08:00 -0500 Subject: [PATCH] fix(auth): update SQL queries to use totp_secret_encrypted instead of dropped totp_secret column Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com> --- crates/pm-auth/src/session.rs | 4 ++-- crates/pm-web/src/routes/auth.rs | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/crates/pm-auth/src/session.rs b/crates/pm-auth/src/session.rs index dbae0c6..886d5b6 100644 --- a/crates/pm-auth/src/session.rs +++ b/crates/pm-auth/src/session.rs @@ -120,7 +120,7 @@ pub async fn login( let user: Option = sqlx::query_as( r#" SELECT id, username, display_name, role, auth_provider, - password_hash, totp_secret, mfa_enabled, is_active, force_password_reset, + password_hash, totp_secret_encrypted, totp_secret_nonce, mfa_enabled, is_active, force_password_reset, failed_login_attempts, locked_until FROM users WHERE username = $1 AND auth_provider = 'local' @@ -278,7 +278,7 @@ pub async fn refresh_session( let user: DbUser = sqlx::query_as( r#" SELECT id, username, display_name, role, auth_provider, - password_hash, totp_secret, mfa_enabled, is_active, force_password_reset, + password_hash, totp_secret_encrypted, totp_secret_nonce, mfa_enabled, is_active, force_password_reset, failed_login_attempts, locked_until FROM users WHERE id = $1 "#, diff --git a/crates/pm-web/src/routes/auth.rs b/crates/pm-web/src/routes/auth.rs index dceec47..b7c0f0e 100644 --- a/crates/pm-web/src/routes/auth.rs +++ b/crates/pm-web/src/routes/auth.rs @@ -435,7 +435,7 @@ async fn disable_mfa( )); } - sqlx::query("UPDATE users SET totp_secret = NULL, mfa_enabled = FALSE WHERE id = $1") + sqlx::query("UPDATE users SET totp_secret_encrypted = NULL, totp_secret_nonce = NULL, mfa_enabled = FALSE WHERE id = $1") .bind(auth_user.user_id) .execute(&state.db) .await