8cdaf8f0f1
Resolves /api/* callers from session cookie first, Authorization bearer second. Touches last_seen on success for future active- sessions UI. Adds GetUserByID query used by the middleware. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
22 lines
633 B
SQL
22 lines
633 B
SQL
-- name: CreateUser :one
|
|
INSERT INTO users (username, password_hash, api_token, is_admin)
|
|
VALUES ($1, $2, $3, $4)
|
|
RETURNING *;
|
|
|
|
-- name: GetUserByUsername :one
|
|
SELECT * FROM users WHERE username = $1;
|
|
|
|
-- name: GetUserByAPIToken :one
|
|
SELECT * FROM users WHERE api_token = $1;
|
|
|
|
-- name: CountUsers :one
|
|
SELECT count(*) FROM users;
|
|
|
|
-- name: SetSubsonicPassword :exec
|
|
-- Stores (or clears with NULL) the per-user Subsonic legacy credential used
|
|
-- for t/s and p auth on /rest/*. Must be plaintext; see migration 0003.
|
|
UPDATE users SET subsonic_password = $2 WHERE id = $1;
|
|
|
|
-- name: GetUserByID :one
|
|
SELECT * FROM users WHERE id = $1;
|