0ac4beaaa8
- Add requireAuth() to admin-permissions.ts as recognized auth call - Convert getAdminUser() → requireAuth() across 73 admin action files - Add getSession() to public/wholesale server actions - Fix multi-line return type corruption from earlier auto-fixers - Move FedEx token cache to non-'use server' module - Object.freeze module-level constants: PRICE_KEYS, EMPTY_MOBILE_DASHBOARD, EMPTY_PAY_PERIOD, LOCALE_CART_SUBJECT, WELCOME_EMAILS - Update Stripe API version 2026-05-27 → 2026-06-24 - Fix wholesale employee portal: getEmployeeSessionAction + EmployeePortalClient - Fix 51 TypeScript errors (return type corruption, missing imports)
24 lines
752 B
PL/PgSQL
24 lines
752 B
PL/PgSQL
-- Migration: 034_password_change_flow
|
|
-- Adds must_change_password column to admin_users if not exists
|
|
-- Adds phone_number column to admin_users if not exists
|
|
-- Creates RPC to clear must_change_password after password update
|
|
|
|
alter table admin_users add column if not exists must_change_password boolean not null default false;
|
|
alter table admin_users add column if not exists phone_number text;
|
|
|
|
-- RPC: clear must_change_password for the authenticated user
|
|
create or replace function clear_must_change_password()
|
|
returns boolean
|
|
language plpgsql
|
|
security definer set search_path = public
|
|
as $$
|
|
begin
|
|
update admin_users
|
|
set must_change_password = false
|
|
where user_id = auth.uid()
|
|
and must_change_password = true;
|
|
|
|
return true;
|
|
end;
|
|
$$;
|