gitea/models/migrations/v1_6/v71.go

// Copyright 2018 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package v1_6 //nolint

import (
	"fmt"

	"code.gitea.io/gitea/models/migrations/base"
	"code.gitea.io/gitea/modules/timeutil"
	"code.gitea.io/gitea/modules/util"

	"xorm.io/xorm"
)

func AddScratchHash(x *xorm.Engine) error {
	// TwoFactor see models/twofactor.go
	type TwoFactor struct {
		ID               int64 `xorm:"pk autoincr"`
		UID              int64 `xorm:"UNIQUE"`
		Secret           string
		ScratchToken     string
		ScratchSalt      string
		ScratchHash      string
		LastUsedPasscode string             `xorm:"VARCHAR(10)"`
		CreatedUnix      timeutil.TimeStamp `xorm:"INDEX created"`
		UpdatedUnix      timeutil.TimeStamp `xorm:"INDEX updated"`
	}

	if err := x.Sync(new(TwoFactor)); err != nil {
		return fmt.Errorf("Sync: %w", err)
	}

	sess := x.NewSession()
	defer sess.Close()

	if err := sess.Begin(); err != nil {
		return err
	}

	// transform all tokens to hashes
	const batchSize = 100
	for start := 0; ; start += batchSize {
		tfas := make([]*TwoFactor, 0, batchSize)
		if err := sess.Limit(batchSize, start).Find(&tfas); err != nil {
			return err
		}
		if len(tfas) == 0 {
			break
		}

		for _, tfa := range tfas {
			// generate salt
			salt, err := util.CryptoRandomString(10)
			if err != nil {
				return err
			}
			tfa.ScratchSalt = salt
			tfa.ScratchHash = base.HashToken(tfa.ScratchToken, salt)

			if _, err := sess.ID(tfa.ID).Cols("scratch_salt, scratch_hash").Update(tfa); err != nil {
				return fmt.Errorf("couldn't add in scratch_hash and scratch_salt: %w", err)
			}
		}
	}

	// Commit and begin new transaction for dropping columns
	if err := sess.Commit(); err != nil {
		return err
	}
	if err := sess.Begin(); err != nil {
		return err
	}

	if err := base.DropTableColumns(sess, "two_factor", "scratch_token"); err != nil {
		return err
	}
	return sess.Commit()
}
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`// Copyright 2018 The Gitea Authors. All rights reserved.`
Implement FSFE REUSE for golang files (#21840) Change all license headers to comply with REUSE specification. Fix #16132 Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github> Co-authored-by: John Olheiser <john.olheiser@gmail.com> 2022-11-27 11:20:29 -07:00			`// SPDX-License-Identifier: MIT`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00
Update go dev dependencies (#22064) `golangci-lint` [deprecated](https://github.com/golangci/golangci-lint/issues/1841) a bunch of linters, removed them. 2022-12-08 01:21:37 -07:00			`package v1_6 //nolint`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00
			`import (`
			`"fmt"`

Split migrations folder (#21549) There are too many files in `models/migrations` folder so that I split them into sub folders. 2022-11-02 02:54:36 -06:00			`"code.gitea.io/gitea/models/migrations/base"`
Display ui time with customize time location (#7792) * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger 2019-08-15 08:46:21 -06:00			`"code.gitea.io/gitea/modules/timeutil"`
Use single shared random string generation function (#15741) * Use single shared random string generation function - Replace 3 functions that do the same with 1 shared one - Use crypto/rand over math/rand for a stronger RNG - Output only alphanumerical for URL compatibilty Fixes: #15536 * use const string method * Update modules/avatar/avatar.go Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: a1012112796 <1012112796@qq.com> 2021-05-10 00:45:17 -06:00			`"code.gitea.io/gitea/modules/util"`
Display ui time with customize time location (#7792) * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger 2019-08-15 08:46:21 -06:00
Upgrade xorm to v0.8.0 (#8536) 2019-10-17 03:26:49 -06:00			`"xorm.io/xorm"`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`)`

Split migrations folder (#21549) There are too many files in `models/migrations` folder so that I split them into sub folders. 2022-11-02 02:54:36 -06:00			`func AddScratchHash(x *xorm.Engine) error {`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`// TwoFactor see models/twofactor.go`
			`type TwoFactor struct {`
			ID int64 `xorm:"pk autoincr"`
			UID int64 `xorm:"UNIQUE"`
			`Secret string`
			`ScratchToken string`
			`ScratchSalt string`
			`ScratchHash string`
Display ui time with customize time location (#7792) * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger 2019-08-15 08:46:21 -06:00			LastUsedPasscode string `xorm:"VARCHAR(10)"`
			CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"`
			UpdatedUnix timeutil.TimeStamp `xorm:"INDEX updated"`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`}`

Rename `Sync2` -> `Sync` (#26479) The xorm `Sync2` has already been deprecated in favor of `Sync`, so let's do the same inside the Gitea codebase. Command used to replace everything: ```sh for i in $(ag Sync2 --files-with-matches); do vim $i -c ':%sno/Sync2/Sync/g' -c ':wq'; done ``` 2023-08-13 13:17:21 -06:00			`if err := x.Sync(new(TwoFactor)); err != nil {`
			`return fmt.Errorf("Sync: %w", err)`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`}`

			`sess := x.NewSession()`
			`defer sess.Close()`

			`if err := sess.Begin(); err != nil {`
			`return err`
			`}`

			`// transform all tokens to hashes`
			`const batchSize = 100`
			`for start := 0; ; start += batchSize {`
			`tfas := make([]*TwoFactor, 0, batchSize)`
update v71.go to resolve #5595 (#5613) 2018-12-31 06:23:03 -07:00			`if err := sess.Limit(batchSize, start).Find(&tfas); err != nil {`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`return err`
			`}`
			`if len(tfas) == 0 {`
			`break`
			`}`

			`for _, tfa := range tfas {`
			`// generate salt`
Use base32 for 2FA scratch token (#18384) * Use base32 for 2FA scratch token * rename Secure* to Crypto*, add comments 2022-01-25 21:10:10 -07:00			`salt, err := util.CryptoRandomString(10)`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`if err != nil {`
			`return err`
			`}`
			`tfa.ScratchSalt = salt`
Split migrations folder (#21549) There are too many files in `models/migrations` folder so that I split them into sub folders. 2022-11-02 02:54:36 -06:00			`tfa.ScratchHash = base.HashToken(tfa.ScratchToken, salt)`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00
			`if _, err := sess.ID(tfa.ID).Cols("scratch_salt, scratch_hash").Update(tfa); err != nil {`
Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) Found using `find . -type f -name '.go' -print -exec vim {} -c ':%s/fmt\.Errorf(\(.\)%v\(.*\)err/fmt.Errorf(\1%w\2err/g' -c ':wq' \;` Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> 2022-10-24 13:29:17 -06:00			`return fmt.Errorf("couldn't add in scratch_hash and scratch_salt: %w", err)`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`}`
			`}`
			`}`

			`// Commit and begin new transaction for dropping columns`
			`if err := sess.Commit(); err != nil {`
			`return err`
			`}`
			`if err := sess.Begin(); err != nil {`
			`return err`
			`}`

Split migrations folder (#21549) There are too many files in `models/migrations` folder so that I split them into sub folders. 2022-11-02 02:54:36 -06:00			`if err := base.DropTableColumns(sess, "two_factor", "scratch_token"); err != nil {`
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 06:54:50 -06:00			`return err`
			`}`
			`return sess.Commit()`
			`}`