fix: Indexes _email_verify_token for email verification and _perishable_token password reset are not created automatically

8.0.0.md

@@ -5,6 +5,7 @@ This document only highlights specific changes that require a longer explanation
 ---
 
 - [Email Verification](#email-verification)
+- [Database Indexes](#database-indexes)
 
 ---
 
@@ -25,3 +26,15 @@ The request to re-send a verification email changed to sending a `POST` request
 Related pull requests:
 
 - https://github.com/parse-community/parse-server/pull/8488
+
+## Database Indexes
+
+As part of the email verification and password reset improvements in Parse Server 8, the queries used for these operations have changed to use tokens instead of username/email fields. To ensure optimal query performance, Parse Server now automatically creates compound indexes on the following fields during server initialization:
+
+- `(_email_verify_token, emailVerified, _email_verify_token_expires_at)` - Used for email verification queries
+- `(_perishable_token, _perishable_token_expires_at)` - Used for password reset queries
+
+These sparse, compound indexes are created automatically when Parse Server starts. No manual intervention is required.
+
+> [!WARNING]
+> If you have a large existing user base, the index creation may take some time during the first server startup after upgrading to Parse Server 8. If you have any concerns regarding a potential database performance impact during index creation, you may create these indexes manually in a controlled manner before upgrading Parse Server.

spec/DatabaseController.spec.js

@@ -413,6 +413,12 @@ describe('DatabaseController', function () {
           case_insensitive_username: { username: 1 },
           case_insensitive_email: { email: 1 },
           email_1: { email: 1 },
+          _email_verify_token: {
+            _email_verify_token: 1,
+            emailVerified: 1,
+            _email_verify_token_expires_at: 1,
+          },
+          _perishable_token: { _perishable_token: 1, _perishable_token_expires_at: 1 },
         });
       }
     );
@@ -437,6 +443,12 @@ describe('DatabaseController', function () {
           _id_: { _id: 1 },
           username_1: { username: 1 },
           email_1: { email: 1 },
+          _email_verify_token: {
+            _email_verify_token: 1,
+            emailVerified: 1,
+            _email_verify_token_expires_at: 1,
+          },
+          _perishable_token: { _perishable_token: 1, _perishable_token_expires_at: 1 },
         });
       }
     );

src/Controllers/DatabaseController.js

@@ -1764,6 +1764,32 @@ class DatabaseController {
       throw error;
     });
 
+    await this.adapter
+      .ensureIndex(
+        '_User',
+        requiredUserFields,
+        ['_email_verify_token', 'emailVerified', '_email_verify_token_expires_at'],
+        '_email_verify_token',
+        false
+      )
+      .catch(error => {
+        logger.warn('Unable to create index for email verification token: ', error);
+        throw error;
+      });
+
+    await this.adapter
+      .ensureIndex(
+        '_User',
+        requiredUserFields,
+        ['_perishable_token', '_perishable_token_expires_at'],
+        '_perishable_token',
+        false
+      )
+      .catch(error => {
+        logger.warn('Unable to create index for password reset token: ', error);
+        throw error;
+      });
+
     await this.adapter.ensureUniqueness('_Role', requiredRoleFields, ['name']).catch(error => {
       logger.warn('Unable to ensure uniqueness for role name: ', error);
       throw error;