(I'm entering this from reading the code. I don't have time right now to verify the problem in a working system, sorry!)

If you disable Token Authentication (but not uninstall), then delete users, then reenable Token Authentication, there are extraneous rows in the tokenauth_tokens table.

To reproduce:

1. Enable Token Authentication.
2. Create a new user "Fred".
3. Disable Token Authentication (but don't uninstall).
4. Delete user "Fred".
5. Enable Token Authentication.

Expected result: There is no row in tokenauth_tokens for "Fred". (The query: select * from tokenauth_tokens tt where not exists (select * from users where users.uid=tt.uid) returns 0 rows)

Actual result: There is an orphan row in tokenauth_tokens.

To fix: (Sorry this isn't a patch--don't have time to come up with one right now.) In tokenauth_enable(), first delete any orphan rows in tokenauth_tokens. (Those rows whose uid doesn't have a corresponding row in users. Something like: delete tokenauth_tokens where not exists (select * from users where users.uid=tokenauth_tokens.uid))

Comments

moshe weitzman’s picture

moshe weitzman commented

I changed this code a bit yesterday but I may not have fixed this. Can't investigate right now.

Grayside’s picture

Grayside commented
Status: Active » Fixed

Thank you Mark. This is a reproducible problem still. Committed.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.