mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 14:00:56 +01:00
9c00a43784
Summary: Ref T13043. Currently: - Passwords are stored separately in the "VCS Passwords" and "User" tables and don't share as much code as they could. - Because User objects are all over the place in the code, password hashes are all over the place too (i.e., often somewhere in process memory). This is a very low-severity, theoretical sort of issue, but it could make leaving a stray `var_dump()` in the code somewhere a lot more dangerous than it otherwise is. Even if we never do this, third-party developers might. So it "feels nice" to imagine separating this data into a different table that we rarely load. - Passwords can not be //revoked//. They can be //deleted//, but users can set the same password again. If you believe or suspect that a password may have been compromised, you might reasonably prefer to revoke it and force the user to select a //different// password. This change prepares to remedy these issues by adding a new, more modern dedicated password storage table which supports storing multiple password types (account vs VCS), gives passwords real PHIDs and transactions, supports DestructionEngine, supports revocation, and supports `bin/auth revoke`. It doesn't actually make anything use this new table yet. Future changes will migrate VCS passwords and account passwords to this table. (This also gives third party applications a reasonable place to store password hashes in a consistent way if they have some need for it.) Test Plan: Added some basic unit tests to cover general behavior. This is just skeleton code for now and will get more thorough testing when applications move. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13043 Differential Revision: https://secure.phabricator.com/D18894
19 lines
844 B
SQL
19 lines
844 B
SQL
CREATE TABLE {$NAMESPACE}_auth.auth_passwordtransaction (
|
|
id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
|
|
phid VARBINARY(64) NOT NULL,
|
|
authorPHID VARBINARY(64) NOT NULL,
|
|
objectPHID VARBINARY(64) NOT NULL,
|
|
viewPolicy VARBINARY(64) NOT NULL,
|
|
editPolicy VARBINARY(64) NOT NULL,
|
|
commentPHID VARBINARY(64) DEFAULT NULL,
|
|
commentVersion INT UNSIGNED NOT NULL,
|
|
transactionType VARCHAR(32) COLLATE {$COLLATE_TEXT} NOT NULL,
|
|
oldValue LONGTEXT COLLATE {$COLLATE_TEXT} NOT NULL,
|
|
newValue LONGTEXT COLLATE {$COLLATE_TEXT} NOT NULL,
|
|
contentSource LONGTEXT COLLATE {$COLLATE_TEXT} NOT NULL,
|
|
metadata LONGTEXT COLLATE {$COLLATE_TEXT} NOT NULL,
|
|
dateCreated INT UNSIGNED NOT NULL,
|
|
dateModified INT UNSIGNED NOT NULL,
|
|
UNIQUE KEY `key_phid` (`phid`),
|
|
KEY `key_object` (`objectPHID`)
|
|
) ENGINE=InnoDB, COLLATE {$COLLATE_TEXT};
|