diff options
| author | E99p1ant <i@github.red> | 2022-06-05 13:34:21 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-06-05 13:34:21 +0800 |
| commit | a328e7ccc4f94e19cddfe5894636228663f5c7fa (patch) | |
| tree | 34d827770f004a40eb8dc1feb44109e63452d5a0 /internal/route | |
| parent | 155cae1de8916fc3fde78f350763034b7422caee (diff) | |
access_token: encrypt access token with SHA256 (#7008)
* access_token: encrypt access token with SHA256
* revert list access token
* fix lint
* generate schemadoc
* add database migrations
* fix tests
* fix tests
* add test case for access token golden
* fix test in postgres
* `Sha256` -> `SHA256`
* Use GORM for migration
* task generate-schemadoc
* Use unique
* change migration name
* allow read
* task generate-schemadoc
* add changelog
* fix lint error
* update changelog
* remove Debug
* add comments
Co-authored-by: Joe Chen <jc@unknwon.io>
Diffstat (limited to 'internal/route')
| -rw-r--r-- | internal/route/lfs/route.go | 2 | ||||
| -rw-r--r-- | internal/route/lfs/route_test.go | 4 | ||||
| -rw-r--r-- | internal/route/repo/http.go | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/internal/route/lfs/route.go b/internal/route/lfs/route.go index 0fd9617b..388dde0c 100644 --- a/internal/route/lfs/route.go +++ b/internal/route/lfs/route.go @@ -72,7 +72,7 @@ func authenticate() macaron.Handler { // If username and password authentication failed, try again using username as an access token. if auth.IsErrBadCredentials(err) { - token, err := db.AccessTokens.GetBySHA(username) + token, err := db.AccessTokens.GetBySHA1(username) if err != nil { if db.IsErrAccessTokenNotExist(err) { askCredentials(c.Resp) diff --git a/internal/route/lfs/route_test.go b/internal/route/lfs/route_test.go index 9571c89d..119b925e 100644 --- a/internal/route/lfs/route_test.go +++ b/internal/route/lfs/route_test.go @@ -75,7 +75,7 @@ func Test_authenticate(t *testing.T) { }, }, mockAccessTokensStore: &db.MockAccessTokensStore{ - MockGetBySHA: func(sha string) (*db.AccessToken, error) { + MockGetBySHA1: func(sha string) (*db.AccessToken, error) { return nil, db.ErrAccessTokenNotExist{} }, }, @@ -120,7 +120,7 @@ func Test_authenticate(t *testing.T) { }, }, mockAccessTokensStore: &db.MockAccessTokensStore{ - MockGetBySHA: func(sha string) (*db.AccessToken, error) { + MockGetBySHA1: func(sha string) (*db.AccessToken, error) { return &db.AccessToken{}, nil }, MockSave: func(t *db.AccessToken) error { diff --git a/internal/route/repo/http.go b/internal/route/repo/http.go index e5a7570d..b5bbefc1 100644 --- a/internal/route/repo/http.go +++ b/internal/route/repo/http.go @@ -131,7 +131,7 @@ func HTTPContexter() macaron.Handler { // If username and password combination failed, try again using username as a token. if authUser == nil { - token, err := db.AccessTokens.GetBySHA(authUsername) + token, err := db.AccessTokens.GetBySHA1(authUsername) if err != nil { if db.IsErrAccessTokenNotExist(err) { askCredentials(c, http.StatusUnauthorized, "") |