Home/ Questions/Q 4042942
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T13:04:01+00:00

In my User model, I have: validates_uniqueness_of :fb_uid (I’m using facebook connect). However, at

  • 0

In my User model, I have:

validates_uniqueness_of :fb_uid (I’m using facebook connect).

However, at times, I’m getting duplicate rows upon user sign up. This is Very Bad.

The creation time of the two records is within 100ms. I haven’t been able to determine if it happens in two separate requests or not (heroku logging sucks and only goes back so far and it’s only happened twice).

Two things:

  • Sometimes the request takes some time, because I query FB API for name info, friends, and picture.
  • I’m using bigint to store fb_uid (backend is postgres).

I haven’t been able to replicate in dev.

Any ideas would be extremely appreciated.

The signin function

def self.create_from_cookie(fb_cookie, remote_ip = nil)
    return nil unless fb_cookie
    return nil unless fb_hash = authenticate_cookie(fb_cookie)
    uid = fb_hash["uid"].join.to_i

    #Make user and set data
    fb_user = FacebookUser.new
    fb_user.fb_uid = uid
    fb_user.fb_authorized = true
    fb_user.email_confirmed = true
    fb_user.creation_ip = remote_ip
    fb_name_data, fb_friends_data, fb_photo_data, fb_photo_ext = fb_user.query_data(fb_hash)
    return nil unless fb_name_data
    fb_user.set_name(fb_name_data)
    fb_user.set_photo(fb_photo_data, fb_photo_ext)

    #Save user and friends to the db
    return nil unless fb_user.save
    fb_user.set_friends(fb_friends_data)
    return fb_user
end
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’m not terribly familiar with facebook connect, but is it possible to get two of the same uuid if two separate users from two separate accounts post a request in very quick succession before either request has completed? (Otherwise known as a race condition) validates_uniqueness_of can still suffer from this sort of race condition, details can be found here:

    http://apidock.com/rails/ActiveModel/Validations/ClassMethods/validates_uniqueness_of

    Because this check is performed
    outside the database there is still a
    chance that duplicate values will be
    inserted in two parallel transactions.
    To guarantee against this you should
    create a unique index on the field.
    See add_index for more information.

    You can really make sure this will never happen by adding a database constraint. Add this to a database migration and then run it:

    add_index :user, :fb_uid, :unique => true

    Now a user would get an error instead of being able to complete the request, which is usually preferable to generating illegal data in your database which you have to debug and clean out manually.

    • 0