SQL multiple statements with conditions

Question

I'm trying to sort out SQL statements in one query for an authentication sequence.

user

╔════╦══════════════╦══════════╗
║ id ║ emailAddress ║ password ║
╠════╬══════════════╬══════════╣
║  1 ║ test1        ║ pass1    ║
║  2 ║ test2        ║ pass2    ║
║  3 ║ test3        ║ pass3    ║
╚════╩══════════════╩══════════╝

user_token

╔═══════╦═════════╗
║ token ║ user_id ║
╠═══════╬═════════╣
║ t1    ║       1 ║
║ t2    ║       2 ║
║ t3    ║       3 ║
╚═══════╩═════════╝

1. Check if record exists against and emailAddress and password
2. If a match is found then insert a token with user_id into user_token table
3. send back the user record in resultSet

My Attempts (partial) please note i can combine several sql statements delimited by ;

1. Conditional Insert

    INSERT INTO user_token(token, user_id) SELECT ?, ? FROM DUAL WHERE EXISTS (SELECT * FROM user WHERE emailAddress = ? AND password = ?); ["t1", 1, "test1", "pass1"]; 

2. Setting some sort of variable, an attempt to combined with other attempts.

    SELECT @id:=id, emailAddress, password FROM user WHERE emailAddress = "test1" AND password = "pass1"; 

3. I think I'm close but having issues with access @id from outside the subquery.

    serviceRequest.sql = "INSERT INTO user_token(token, user_id)\\ SELECT ?, @id FROM DUAL WHERE EXISTS ( SELECT @id:=id, emailAddress, password FROM user WHERE emailAddress = ? AND password = ? ); SELECT @id, ? FROM DUAL"; serviceRequest.values = ["t1", "test1", "pass1", "t1"]; 

Objective :

To combine multiple SQL statements employing logic in a single transaction/execution to achieve the authentication process, with the help of IF clause and user defined variables in SQL etc.

Answer 1

Perhaps you are looking for last_insert_id() and row_count() . To be safe, I would assign these to variables:

INSERT INTO user_token(token, user_id)
    SELECT ?, ? FROM DUAL
    WHERE EXISTS (SELECT * FROM user WHERE emailAddress = ? AND password = ?);

SELECT @row_count := ROW_COUNT(), @last_insert_id = LAST_INSERT_ID();

SELECT u.*
FROM user
WHERE @row_count > 0 AND emailaddress = ? and password = ?;

I'm not sure that is exactly what you want, but this does show the use of the two functions that you probably need.

Answer 2

Cracked it down finally, but I need improvements for query #2, using IF instead of executing another SELECT statement inside WHERE EXISTS anyone?

serviceRequest.sql = "SET @emailAddress = ?, @password = ?;\
    SELECT @authToken:= ? AS authToken, @id:=id AS id FROM user WHERE emailAddress = @emailAddress AND password = @password;\
    INSERT INTO user_token(authToken, user_id) \
        SELECT @authToken, @id FROM DUAL WHERE EXISTS (SELECT id FROM user WHERE emailAddress = @emailAddress AND password = @password);";

serviceRequest.values = [request.body.credentials.emailAddress, request.body.credentials.password, "t3"];

query #1 . First user record was retrieved and variables ( @token , @id ) are set and are returned as result set.

query #2 . user_token insert will execute if record exists

Appreciate if someone can improve this answer and optimize the queries further, especially query #2 where I've another select statement going on, I believe the WHERE EXISTS could utilize checking if @id is not null for the insert to happen, and I don't have to pass username/password twice in values array.