Users table index on recovery_token is not being used in queries #1398

travis-humata · 2024-02-05T19:37:15Z

Bug report

The following query, which should be nearly instant, accounts for 8% of our DB usage and 1500 ms per query:

SELECT (a bunch of columns) 
FROM users AS users 
WHERE recovery_token = $1 and is_sso_user = $2 
LIMIT $3

On investigation this query is running a seq_scan instead of using the index on recovery_token:

This is the index in question:

CREATE UNIQUE INDEX recovery_token_idx ON auth.users USING btree (recovery_token) WHERE ((recovery_token)::text !~ '^[0-9 ]*$'::text)

I confirm this is a bug with Supabase, not with my own application.
I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

A clear and concise description of what the bug is.

To Reproduce

Run:

explain analyze SELECT *
FROM auth.users
WHERE recovery_token = 'abc';

Expected behavior

Should be nearly instant and use index in query plan

…ueries (#1454) ## What kind of change does this PR introduce? Use the nil instance ID so that we can leverage the compound index on instance_id and user_id when performing search and deletion Aims to address #1449 and #1398. We note that `LogoutAllRefreshTokens` was marked as deprecated and may be possible to remove if all access tokens now have a `sessionId`. Additionally, `FindTokenBySessionID` can likely be replaced by using `FindCurrentlyActiveRefreshToken`. We will revisit these in a week or two but they are out of scope for this PR. Co-authored-by: joel <[email protected]>

J0 · 2024-03-12T03:04:52Z

closing as this has been deployed - let us know if there are still issues though

nthouliss · 2024-05-22T01:15:18Z

Hi,

I'm still seeing this issue on my project. Is the index supposed to one provisioned by supabase or should we be creating this index ourselves? I'd just like to verify this because I can see that no index is created for the column on my project.

Edit: Quick correction, there is an index on my project for recovery_token on auth.users but it isn't being used.

…ueries (supabase#1454) ## What kind of change does this PR introduce? Use the nil instance ID so that we can leverage the compound index on instance_id and user_id when performing search and deletion Aims to address supabase#1449 and supabase#1398. We note that `LogoutAllRefreshTokens` was marked as deprecated and may be possible to remove if all access tokens now have a `sessionId`. Additionally, `FindTokenBySessionID` can likely be replaced by using `FindCurrentlyActiveRefreshToken`. We will revisit these in a week or two but they are out of scope for this PR. Co-authored-by: joel <[email protected]>

travis-humata added the bug Something isn't working label Feb 5, 2024

travis-humata mentioned this issue Feb 23, 2024

Index for refresh_tokens on deletion by user_id not used properly #1449

Closed

2 tasks

J0 mentioned this issue Feb 26, 2024

feat: use dummy instance id to improve performance on refresh token queries #1454

Merged

J0 closed this as completed Mar 12, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Users table index on recovery_token is not being used in queries #1398

Users table index on recovery_token is not being used in queries #1398

travis-humata commented Feb 5, 2024

J0 commented Mar 12, 2024

nthouliss commented May 22, 2024 •

edited

Loading

Users table index on recovery_token is not being used in queries #1398

Users table index on recovery_token is not being used in queries #1398

Comments

travis-humata commented Feb 5, 2024

Bug report

Describe the bug

To Reproduce

Expected behavior

J0 commented Mar 12, 2024

nthouliss commented May 22, 2024 • edited Loading

nthouliss commented May 22, 2024 •

edited

Loading