luckyimnotanigger/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-05-15 14:32:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

feat: migrate TOTP secrets to keying

Browse source 
- Currently the TOTP secrets are stored using the `secrets` module with
as key the MD5 hash of the Secretkey, the `secrets` module uses general
bad practices. This patch migrates the secrets to use the `keying`
module (#5041) which is easier to use and use better practices to store
secrets in databases.
- Migration test added.
- Remove the Forgejo migration databases, and let the gitea migration
databases also run forgejo migration databases. This is required as the
Forgejo migration is now also touching tables that the forgejo migration
didn't create itself.
This commit is contained in:
Gusted 2024-11-26 02:31:26 +01:00
parent ad70e7dfb3
commit a8c61532d2
No known key found for this signature in database
GPG key ID: FD821B732837125F
18 changed files with 149 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

3
tests/integration/api_twofa_test.go
View file

@ -38,9 +38,8 @@ func TestAPITwoFactor(t *testing.T) {
tfa := &auth_model.TwoFactor{
UID: user.ID,
}
require.NoError(t, tfa.SetSecret(otpKey.Secret()))
require.NoError(t, auth_model.NewTwoFactor(db.DefaultContext, tfa))
require.NoError(t, auth_model.NewTwoFactor(db.DefaultContext, tfa, otpKey.Secret()))
req = NewRequest(t, "GET", "/api/v1/user").
AddBasicAuth(user.Name)