Search code examples
mysqlsqlnode-mysql

SQL multiple statements with conditions

I'm trying to sort out SQL statements in one query for an authentication sequence.

user

╔════╦══════════════╦══════════╗
║ id ║ emailAddress ║ password ║
╠════╬══════════════╬══════════╣
║  1 ║ test1        ║ pass1    ║
║  2 ║ test2        ║ pass2    ║
║  3 ║ test3        ║ pass3    ║
╚════╩══════════════╩══════════╝

user_token

╔═══════╦═════════╗
║ token ║ user_id ║
╠═══════╬═════════╣
║ t1    ║       1 ║
║ t2    ║       2 ║
║ t3    ║       3 ║
╚═══════╩═════════╝
  1. Check if record exists against and emailAddress and password
  2. If a match is found then insert a token with user_id into user_token table
  3. send back the user record in resultSet

My Attempts (partial) please note i can combine several sql statements delimited by ;

  1. Conditional Insert

    INSERT INTO user_token(token, user_id)
SELECT ?, ? FROM DUAL
WHERE EXISTS (SELECT * FROM user WHERE emailAddress = ? AND password = ?);

["t1", 1, "test1", "pass1"];

  2. Setting some sort of variable, an attempt to combined with other attempts.

    SELECT @id:=id, emailAddress, password FROM user WHERE emailAddress = "test1" AND password = "pass1";

  3. I think I'm close but having issues with access @id from outside the subquery.

    serviceRequest.sql = "INSERT INTO user_token(token, user_id)\
    SELECT ?, @id FROM DUAL WHERE EXISTS (
      SELECT @id:=id, emailAddress, password FROM user WHERE emailAddress = ? AND password = ?
    );
    SELECT @id, ? FROM DUAL";
serviceRequest.values = ["t1", "test1", "pass1", "t1"];

Objective:

To combine multiple SQL statements employing logic in a single transaction/execution to achieve the authentication process, with the help of IF clause and user defined variables in SQL etc.

Solution

  • Cracked it down finally, but I need improvements for query #2, using IF instead of executing another SELECT statement inside WHERE EXISTS anyone?

    serviceRequest.sql = "SET @emailAddress = ?, @password = ?;\
    SELECT @authToken:= ? AS authToken, @id:=id AS id FROM user WHERE emailAddress = @emailAddress AND password = @password;\
    INSERT INTO user_token(authToken, user_id) \
        SELECT @authToken, @id FROM DUAL WHERE EXISTS (SELECT id FROM user WHERE emailAddress = @emailAddress AND password = @password);";

serviceRequest.values = [request.body.credentials.emailAddress, request.body.credentials.password, "t3"];

    query #1. First user record was retrieved and variables (@token, @id) are set and are returned as result set.

    query #2. user_token insert will execute if record exists

    Appreciate if someone can improve this answer and optimize the queries further, especially query #2 where I've another select statement going on, I believe the WHERE EXISTS could utilize checking if @id is not null for the insert to happen, and I don't have to pass username/password twice in values array.