mirror of https://we.phorge.it/source/phorge.git synced 2024-11-27 01:02:42 +01:00
phorge-phorge/resources/sql
epriestley 5a8a56f414 Prepare the new AuthPassword infrastructure for storing account passwords
Summary:
Ref T13043. In D18898 I moved VCS passwords to the new shared infrastructure.

Before account passwords can move, we need to make two changes:

  - For legacy reasons, VCS passwords and Account passwords have different "digest" algorithms. Both are more complicated than they should be, but we can't easily fix it without breaking existing passwords. Add a `PasswordHashInterface` so that objects which can have password hashes can implement custom digest logic for each password type.
  - Account passwords have a dedicated external salt (`PhabricatorUser->passwordSalt`). This is a generally reasonable thing to support (since not all hashers are self-salting) and we need to keep it around so existing passwords still work. Add salt support to `AuthPassword` and make it generate/regenerate when passwords are updated.

Then add a nice story about password digestion.

Test Plan: Ran migrations. Used an existing VCS password; changed VCS password. Tried to use a revoked password. Unit tests still pass. Grepped for callers to legacy `PhabricatorHash::digestPassword()`, found none.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13043

Differential Revision: https://secure.phabricator.com/D18900
2018-01-23 10:57:40 -08:00
autopatches Prepare the new AuthPassword infrastructure for storing account passwords 2018-01-23 10:57:40 -08:00
patches Migrate Project status to modular transactions 2017-05-18 11:36:13 -07:00
quickstart.sql Revert quickstart for tables with native FULLTEXT indexes to MyISAM 2017-09-12 12:24:23 -07:00
stopwords.txt Provide a setup warning about using the default MySQL stopword file 2014-08-13 15:34:09 -07:00
stopwords_myisam.txt Show users how fulltext search queries are parsed and executed; don't query stopwords or short tokens 2017-04-12 19:07:54 -07:00