-- Deploy tipus:check_cookie to pg -- requires: roles -- requires: schema_public -- requires: schema_auth -- requires: user begin; set search_path to public, auth; create or replace function check_cookie(input_cookie text) returns name as $$ declare uid text; user_email text; user_role name; user_cookie text; begin select user_id::text, email::text, role, cookie into uid, user_email, user_role, user_cookie from "user" where email = split_part(input_cookie, '/', 2) and cookie_expires_at > current_timestamp and length(password) > 0 and cookie = split_part(input_cookie, '/', 1); if user_role is null then uid := '0'; user_email := ''; user_cookie := ''; user_role := 'guest'::name; end if; perform set_config('request.user.email', user_email, false); perform set_config('request.user.cookie', user_cookie, false); return user_role; end; $$ language plpgsql security definer stable set search_path = auth, pg_temp; comment on function check_cookie(text) is 'Checks whether a given cookie is for a valid users, returning their role, and setting current_user_email and current_user_cookie'; revoke execute on function check_cookie(text) from public; grant execute on function check_cookie(text) to authenticator; commit;