Skip to content

fix: reprompt for a fresh password after MySQL auth-expired reconnect#1846

Merged
datlechin merged 3 commits into
TableProApp:mainfrom
hcagricakir:fix/mysql-reconnect-auth-prompt
Jul 10, 2026
Merged

fix: reprompt for a fresh password after MySQL auth-expired reconnect#1846
datlechin merged 3 commits into
TableProApp:mainfrom
hcagricakir:fix/mysql-reconnect-auth-prompt

Conversation

@hcagricakir

@hcagricakir hcagricakir commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Summary

This fixes a reconnect bug for MySQL / MariaDB connections that are configured to prompt for a password at connect time.

When a temporary production session expires, TablePro can lose the connection and enter the auto-reconnect path. If the server then returns an authentication failure such as MySQL 1045 / SQLSTATE 28000, the app was retrying with the stale in-memory password and could remain stuck in the Connecting state instead of asking the user for a fresh password.

Problem

Reproduction shape:

  1. Create a MySQL or MariaDB connection that uses Prompt for Password.
  2. Connect with a temporary credential or time-limited session password.
  3. Let the session expire so the next reconnect attempt fails with an auth error.
  4. TablePro enters the reconnect loop, keeps retrying with the expired cached password, and never gives the user a chance to re-enter credentials.

This is especially visible in short-lived production access workflows where developers receive a 30-minute or 60-minute password/session and must request access again after expiry.

Root Cause

The health-monitor reconnect flow reused session.cachedPassword for reconnect attempts, but it did not distinguish between:

  • transient reconnect failures that should keep retrying, and
  • authentication failures that require fresh user input.

As a result, the reconnect loop kept reusing the stale password for auth-expired sessions.

What Changed

Reconnect outcome handling

  • ConnectionHealthMonitor now supports three reconnect outcomes instead of a simple success/fail boolean:
    • success
    • retry
    • abort
  • This lets the reconnect loop stop cleanly when the user cancels a recovery prompt instead of spinning forever.

Authentication-aware reconnect recovery

  • DatabaseManager now detects auth failures during reconnect using plugin error metadata and fallback message matching.
  • For MySQL / MariaDB auth failures (1045, 28000, and equivalent error text), prompt-for-password connections now request a fresh password.
  • If a new password is provided, reconnect retries once with the new value and updates the in-memory cached password on success.
  • If the prompt is cancelled, reconnect stops instead of continuing the loop.

Manual reconnect path parity

  • The same reconnect credential recovery logic is shared by the health-monitor reconnect path and the manual reconnect path so both behaviors stay aligned.

Regression coverage

  • Added tests for:
    • auth failure detection from plugin metadata
    • retrying reconnect recovery with a fresh prompted password
    • aborting reconnect recovery when the prompt is cancelled

Changelog

  • Added an [Unreleased] changelog entry describing the fix.

User Impact

Before this change:

  • expiring temporary MySQL credentials could leave a connection stuck in Connecting
  • users had no route to enter the renewed password without backing out and reconnecting manually

After this change:

  • auth-expired reconnects ask for a fresh password
  • cancelling the prompt stops the reconnect loop cleanly
  • successful re-entry restores the connection without requiring the connection definition to be recreated

Scope / Non-goals

This PR intentionally only reprompts for the secret.

It does not reopen the full connection form or ask for a new username. The existing username is preserved, which matches the current connection model and keeps the fix scoped to the reconnect bug.

Validation

  • git diff --check
  • targeted regression tests added for the reconnect credential recovery logic

Suggested reviewer test plan

  1. Save a MySQL connection with Prompt for Password enabled.
  2. Connect using a temporary credential.
  3. Expire or revoke that credential.
  4. Trigger auto-reconnect.
  5. Confirm TablePro asks for a fresh password instead of remaining stuck in Connecting.
  6. Enter the renewed password and confirm reconnect succeeds.
  7. Repeat and cancel the prompt to confirm reconnect stops cleanly.

@hcagricakir hcagricakir force-pushed the fix/mysql-reconnect-auth-prompt branch from dc62292 to 31720c1 Compare July 9, 2026 09:42
@hcagricakir hcagricakir marked this pull request as ready for review July 9, 2026 09:44
@chatgpt-codex-connector

Copy link
Copy Markdown

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

@datlechin datlechin merged commit bd4da08 into TableProApp:main Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants