IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: Hash user API keys in the database (#9344)

Browse Source 
The 'key' column will be dropped in a future commit.
This commit is contained in:
Dan Ungureanu
2020-04-07 16:42:52 +03:00
committed by GitHub
parent 34df9f7908
commit 0653750fbf
6 changed files with 62 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
db/migrate/20200403100259_add_key_hash_to_user_api_key.rb Normal file
View File

@@ -0,0 +1,32 @@
# frozen_string_literal: true
class AddKeyHashToUserApiKey < ActiveRecord::Migration[6.0]
def up
add_column :user_api_keys, :key_hash, :string
batch_size = 500
loop do
rows = DB
.query("SELECT id, key FROM user_api_keys WHERE key_hash IS NULL LIMIT #{batch_size}")
.map { |row| { id: row.id, key_hash: Digest::SHA256.hexdigest(key) } }
break if rows.size == 0
data_string = rows.map { |r| "(#{r[:id]}, '#{r[:key_hash]}')" }.join(",")
execute <<~SQL
UPDATE user_api_keys
SET key_hash = data.key_hash
FROM (VALUES #{data_string}) AS data(id, key_hash)
WHERE user_api_keys.id = data.id
SQL
break if rows.size < batch_size
end
change_column_null :user_api_keys, :key_hash, false
end
def down
drop_column :user_api_keys, :key_hash, :string
end
end