Conversation
|
Bencher Report| Branch | is_active |
| Testbed | github-ubuntu-latest |
Click to view all benchmark results
| Benchmark | Latency | Benchmark Result microseconds (µs) (Result Δ%) | Upper Boundary microseconds (µs) (Limit %) |
|---|---|---|---|
| empty_router/empty_router | 📈 view plot 🚷 view threshold | 6,805.40 µs(+11.52%)Baseline: 6,102.49 µs | 7,699.78 µs (88.38%) |
| json_api/json_api | 📈 view plot 🚷 view threshold | 1,080.80 µs(+0.59%)Baseline: 1,074.49 µs | 1,323.73 µs (81.65%) |
| nested_routers/nested_routers | 📈 view plot 🚷 view threshold | 996.07 µs(+0.31%)Baseline: 993.03 µs | 1,204.49 µs (82.70%) |
| single_root_route/single_root_route | 📈 view plot 🚷 view threshold | 975.37 µs(+2.08%)Baseline: 955.50 µs | 1,167.97 µs (83.51%) |
| single_root_route_burst/single_root_route_burst | 📈 view plot 🚷 view threshold | 15,983.00 µs(-9.71%)Baseline: 17,701.50 µs | 21,171.80 µs (75.49%) |
There was a problem hiding this comment.
Pull request overview
This PR introduces a persistent is_active flag for DatabaseUser and enforces it in the authentication flow so inactive users cannot log in (and won’t be restored from an existing session).
Changes:
- Added
is_active: booltoDatabaseUser, defaulting totrue, plus a setter and a small unit test. - Added a new DB migration to add the
is_activecolumn and registered it in the auth migrations list. - Updated auth logic to reject login for inactive users and to treat inactive session users as unauthenticated, with accompanying tests.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| cot/src/auth/db/migrations/m_0002_add_is_active.rs | Adds a migration intended to introduce the is_active column. |
| cot/src/auth/db/migrations.rs | Registers the new migration in the auth migration list. |
| cot/src/auth/db.rs | Adds the is_active field to DatabaseUser, initializes it, and exposes a setter + test. |
| cot/src/auth.rs | Enforces is_active during login and when restoring a user from session; adds AuthError::UserInactive and tests. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| &[::cot::db::migrations::Operation::add_field() | ||
| .table_name(::cot::db::Identifier::new("cot__database_user")) | ||
| .field( | ||
| ::cot::db::migrations::Field::new( | ||
| ::cot::db::Identifier::new("is_active"), | ||
| <bool as ::cot::db::DatabaseField>::TYPE, | ||
| ) | ||
| .set_null(<bool as ::cot::db::DatabaseField>::NULLABLE), | ||
| ) | ||
| .build()]; |
There was a problem hiding this comment.
Actually, should we add support for specifying custom default value? 🤔
There was a problem hiding this comment.
Yeah, we definitely should support that
There was a problem hiding this comment.
Ahh, this is actually an edge case in our migration generator that we should definitely handle. I think we should therefore wait with merging this until we have a support for this.
Codecov Report❌ Patch coverage is
Flags with carried forward coverage won't be shown. Click here to find out more.
... and 3 files with indirect coverage changes 🚀 New features to boost your workflow:
|
Description
This adds an
is_activefield to the DatabaseUser and checks if user is active before allowing to sign in.Type of change