krypton-org / krypton-auth

Express authentication middleware, using GraphQL and JSON Web Tokens.
https://krypton-org.github.io/krypton-auth
MIT License

Regression: unicity of email/username not working #28

Closed jrebecchi closed 4 years ago

jrebecchi commented 4 years ago

This happens with the following scenario:

jrebecchi commented 4 years ago

Indeed, Mongoose is creating unique indexes only at startup: https://stackoverflow.com/questions/38308011/mongoose-is-not-recreating-the-index-collection-is-dropped

By dropping a collection we drop its indexes and we would have to restart krypton-auth.

However, we can call the method ensureIndexes on each user creation/update. Mongoose will check that the unique indexes are set before any write operation, and if they are not set it will create them.

This method is declared as unrecommended for production as creating an index on a large DB in production can impact performance. https://mongoosejs.com/docs/api.html#model_Model.ensureIndexes.

But this operation is idempotent. If the unique index is already set, this method will not recreate a new one; it will just check that it is there. https://docs.mongodb.com/manual/reference/method/db.collection.createIndex/#recreating-an-existing-index

So I think we should use it. In case of a collection drop, we do want the indexes to be reset on Mongo without having to explicitly restart krypton-auth.

jrebecchi commented 4 years ago

After further thought, the opposite choice has been made. It will be a limitation of the system. By dropping the MongoDB collections you need to restart Krypton Authentication.
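
A read-only check for the condition discussed in this thread, as an added example that is not krypton-auth code: it inspects the index specifications returned by the MongoDB Node.js driver's `collection.indexes()` and reports whether the unique indexes on `email` and `username` are still present, so a dropped collection can be detected and the service restarted. The function names and the sample index lists are constructed for illustration.

```javascript
// Added example, not krypton-auth code. The fields `email` and `username`
// come from the issue title; all function names here are hypothetical.

// True when `spec` enforces uniqueness of `field` alone, for every document.
function enforcesUniqueness(spec, field) {
  const keys = Object.keys(spec.key || {});
  return spec.unique === true &&
    keys.length === 1 && keys[0] === field && // a compound index does not count
    !spec.partialFilterExpression;            // a partial index skips some documents
}

// Returns the required fields that have no single-field unique index.
function missingUniqueIndexes(indexSpecs, requiredFields) {
  return requiredFields.filter(
    (field) => !indexSpecs.some((spec) => enforcesUniqueness(spec, field))
  );
}

// `collection` is any object exposing the driver's async indexes() method,
// for example a Mongoose model's `.collection`.
async function checkUserIndexes(collection, requiredFields = ['email', 'username']) {
  let specs;
  try {
    specs = await collection.indexes();
  } catch (err) {
    // If the driver reports NamespaceNotFound (code 26), the collection
    // itself is gone, so no index can be enforcing anything.
    if (err && err.code === 26) specs = [];
    else throw err;
  }
  const missing = missingUniqueIndexes(specs, requiredFields);
  return { ok: missing.length === 0, missing };
}

// Constructed sample data in the shape returned by indexes().
const HEALTHY = [
  { v: 2, key: { _id: 1 }, name: '_id_' },
  { v: 2, key: { email: 1 }, name: 'email_1', unique: true },
  { v: 2, key: { username: 1 }, name: 'username_1', unique: true },
];
// After a drop, the next insert recreates the collection with only `_id_`.
const AFTER_DROP = [{ v: 2, key: { _id: 1 }, name: '_id_' }];
```

Run from a health endpoint or a periodic job, a result with `ok: false` indicates that the uniqueness guarantee is no longer enforced by the database and that a restart is needed.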