Question
I'm trying to sort out SQL statements in one query for an authentication sequence.
user
╔════╦══════════════╦══════════╗
║ id ║ emailAddress ║ password ║
╠════╬══════════════╬══════════╣
║ 1 ║ test1 ║ pass1 ║
║ 2 ║ test2 ║ pass2 ║
║ 3 ║ test3 ║ pass3 ║
╚════╩══════════════╩══════════╝
user_token
╔═══════╦═════════╗
║ token ║ user_id ║
╠═══════╬═════════╣
║ t1 ║ 1 ║
║ t2 ║ 2 ║
║ t3 ║ 3 ║
╚═══════╩═════════╝
- Check if record exists against an emailAddress and password
- If a match is found then insert a token with user_id into user_token table
- Send back the user record in resultSet
My attempts (partial). Please note I can combine several SQL statements delimited by ;
Conditional Insert
INSERT INTO user_token(token, user_id) SELECT ?, ? FROM DUAL WHERE EXISTS (SELECT * FROM user WHERE emailAddress = ? AND password = ?); ["t1", 1, "test1", "pass1"];
Setting some sort of variable, an attempt to combine with other attempts.
SELECT @id:=id, emailAddress, password FROM user WHERE emailAddress = "test1" AND password = "pass1";
I think I'm close but having issues with accessing @id from outside the subquery.
serviceRequest.sql = "INSERT INTO user_token(token, user_id) \
SELECT ?, @id FROM DUAL WHERE EXISTS ( SELECT @id:=id, emailAddress, password FROM user WHERE emailAddress = ? AND password = ? ); \
SELECT @id, ? FROM DUAL";
serviceRequest.values = ["t1", "test1", "pass1", "t1"];
Objective:
To combine multiple SQL statements employing logic in a single transaction/execution to achieve the authentication process, with the help of IF clause and user defined variables in SQL etc.
Answer 1:
Perhaps you are looking for last_insert_id() and row_count(). To be safe, I would assign these to variables:
INSERT INTO user_token(token, user_id)
SELECT ?, ? FROM DUAL
WHERE EXISTS (SELECT * FROM user WHERE emailAddress = ? AND password = ?);
SELECT @row_count := ROW_COUNT(), @last_insert_id := LAST_INSERT_ID();
SELECT u.*
FROM user u
WHERE @row_count > 0 AND emailaddress = ? and password = ?;
I'm not sure that is exactly what you want, but this does show the use of the two functions that you probably need.
Answer 2:
Cracked it down finally, but I need improvements for query #2, using IF instead of executing another SELECT statement inside WHERE EXISTS, anyone?
serviceRequest.sql = "SET @emailAddress = ?, @password = ?;\
SELECT @authToken:= ? AS authToken, @id:=id AS id FROM user WHERE emailAddress = @emailAddress AND password = @password;\
INSERT INTO user_token(authToken, user_id) \
SELECT @authToken, @id FROM DUAL WHERE EXISTS (SELECT id FROM user WHERE emailAddress = @emailAddress AND password = @password);";
serviceRequest.values = [request.body.credentials.emailAddress, request.body.credentials.password, "t3"];
query #1. First user record was retrieved and variables (@token, @id) are set and are returned as result set.
query #2. user_token insert will execute if record exists
Appreciate if someone can improve this answer and optimize the queries further, especially query #2 where I've another select statement going on, I believe the WHERE EXISTS could utilize checking if @id is not null for the insert to happen, and I don't have to pass username/password twice in values array.
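The improvement the second answer asks for, as an added example (not code from either poster): the insert is gated on `@id IS NOT NULL` in place of the second lookup, assuming MySQL and the question's `user` / `user_token` tables. It also resets `@id` first, because a user variable keeps its previous value for the session when the lookup matches no row.

```sql
-- Added example (MySQL). Table and column names follow the question's schema.
-- Placeholder order for the values array: [emailAddress, password, token],
-- e.g. the constructed sample ["test3", "pass3", "t4"].

-- Reset @id before every attempt. User variables are scoped to the session,
-- and a lookup that matches no row leaves @id untouched. On a pooled
-- connection a stale @id would belong to whoever authenticated before,
-- and the insert below would issue a token for that user.
SET @id := NULL, @emailAddress := ?, @password := ?, @authToken := ?;

-- Query #1: look up the user. @id stays NULL when the credentials do not match.
-- The plaintext comparison mirrors the question's table; with hashed passwords
-- the lookup would be by emailAddress only and the hash verified by the caller.
SELECT id INTO @id
FROM user
WHERE emailAddress = @emailAddress AND password = @password
LIMIT 1;

-- Query #2: insert the token only if query #1 found a row.
-- No second SELECT against user, and the credentials are passed once.
INSERT INTO user_token (token, user_id)
SELECT @authToken, @id FROM DUAL
WHERE @id IS NOT NULL;

-- Result set: the matching user row on success, an empty set on failure.
SELECT id, emailAddress
FROM user
WHERE id = @id;
```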
Source: https://stackoverflow.com/questions/35528816/sql-multiple-statements-with-conditions