From 78b88a1633925a1551cf27732213b7f613634b4e Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Mon, 25 Jul 2016 12:30:52 +1000
Subject: [PATCH] make upgrade a bit more seamless

---
 lib/auth/default_current_user_provider.rb | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/lib/auth/default_current_user_provider.rb b/lib/auth/default_current_user_provider.rb
index 9562314b83d..dc083c46c8c 100644
--- a/lib/auth/default_current_user_provider.rb
+++ b/lib/auth/default_current_user_provider.rb
@@ -8,6 +8,13 @@ class Auth::DefaultCurrentUserProvider
   TOKEN_COOKIE ||= "_t".freeze
   PATH_INFO ||= "PATH_INFO".freeze
 
+  # TODO remove this stuff in 2017 was only added to smoothen the upgrade process
+  def self.has_auth_token_updated_at?
+    (@has_auth_token_updated_at ||=
+      User.column_names.include?("auth_token_updated_at") ? :true : :false
+    ) == :true
+  end
+
   # do all current user initialization here
   def initialize(env)
     @env = env
@@ -36,10 +43,12 @@ class Auth::DefaultCurrentUserProvider
     current_user = nil
 
     if auth_token && auth_token.length == 32
-      current_user = User.where(auth_token: auth_token)
-                         .where('auth_token_updated_at IS NULL OR auth_token_updated_at > ?',
-                                  SiteSetting.maximum_session_age.hours.ago)
-                         .first
+      if ::Auth::DefaultCurrentUserProvider.has_auth_token_updated_at?
+        current_user = User.find_by("auth_token = ? AND (auth_token_updated_at IS NULL OR auth_token_updated_at > ?)",
+                                    auth_token, SiteSetting.maximum_session_age.hours.ago)
+      else
+        current_user = User.find_by(auth_token: auth_token)
+      end
     end
 
     if current_user && (current_user.suspended? || !current_user.active)
@@ -65,7 +74,10 @@ class Auth::DefaultCurrentUserProvider
   end
 
   def refresh_session(user, session, cookies)
-    if user && (!user.auth_token_updated_at || user.auth_token_updated_at <= 1.hour.ago)
+    if  user &&
+        ::Auth::DefaultCurrentUserProvider.has_auth_token_updated_at? &&
+        (!user.auth_token_updated_at || user.auth_token_updated_at <= 1.hour.ago)
+
       user.update_column(:auth_token_updated_at, Time.zone.now)
       cookies[TOKEN_COOKIE] = { value: user.auth_token, httponly: true, expires: SiteSetting.maximum_session_age.hours.from_now }
     end