add iss to identifier, only set email if verified

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2024-10-17 05:58:44 -06:00 · 2024-10-17 05:58:44 -06:00 · 35b669fe59
commit 35b669fe59
parent dc07779143
2 changed files with 28 additions and 4 deletions
--- a/hscontrol/db/db.go
+++ b/hscontrol/db/db.go
@ -474,6 +474,8 @@ func NewHeadscaleDatabase(
 				Rollback: func(db *gorm.DB) error { return nil },
 			},
 			{
+				// Pick up new user fields used for OIDC and to
+				// populate the user with more interesting information.
 				ID: "202407191627",
 				Migrate: func(tx *gorm.DB) error {
 					err := tx.AutoMigrate(&types.User{})
@ -485,6 +487,21 @@ func NewHeadscaleDatabase(
 				},
 				Rollback: func(db *gorm.DB) error { return nil },
 			},
+			{
+				// The unique constraint of Name has been dropped
+				// in favour of a unique together of name and
+				// provider identity.
+				ID: "202408181235",
+				Migrate: func(tx *gorm.DB) error {
+					err := tx.AutoMigrate(&types.User{})
+					if err != nil {
+						return err
+					}
+
+					return nil
+				},
+				Rollback: func(db *gorm.DB) error { return nil },
+			},
 		},
 	)