authorTreeston <treeston.mmoc@gmail.com>2019-08-10 21:34:51 +0200
committerGitHub <noreply@github.com>2019-08-10 21:34:51 +0200
commit4211645834c467a03c60248e80818d3607be9ea7 (patch)
tree673a1695581503b6ea3e49da5c3e0d06bf5d892e /sql/base
parent3d356b97d4cc4c7ec4c641487241eae6dcc0558e (diff)
[3.3.5] Core/Authserver: TOTP rewrite: (PR #23633)
- Proper management commands (.account 2fa)
- Secrets can now be encrypted (set TOTPTokenSecret in .conf)
- Secret now stored in binary
- Argon2 and AES primitives
- Base32/64 support
Diffstat (limited to 'sql/base')
-rw-r--r--sql/base/auth_database.sql36
1 files changed, 34 insertions, 2 deletions
diff --git a/sql/base/auth_database.sql b/sql/base/auth_database.sql
index 0649fdb670c..ffcd11d5257 100644
--- a/sql/base/auth_database.sql
+++ b/sql/base/auth_database.sql
@@ -16,6 +16,29 @@
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
--
+-- Table structure for table `secret_digest`
+--
+
+DROP TABLE IF EXISTS `secret_digest`;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `secret_digest` (
+ `id` int(10) unsigned not null,
+ `digest` varchar(100) not null,
+ PRIMARY KEY (`id`)
+) ENGINE=InnoDB;
+/*!40101 SET character_set_client = @saved_cs_client */;
+
+--
+-- Dumping data for table `secret_digest`
+--
+
+LOCK TABLES `secret_digest` WRITE;
+/*!40000 ALTER TABLE `secret_digest` DISABLE KEYS */;
+/*!40000 ALTER TABLE `secret_digest` ENABLE KEYS */;
+UNLOCK TABLES;
+
+--
-- Table structure for table `account`
--
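Review bot: The new `secret_digest` table has no comment saying what `id` identifies or what kind of value `digest` holds, which matters for a table that sits next to authentication secrets. From the commit description (encrypted secrets, Argon2) it is presumably a hash of the configured key, kept so the server can notice a changed key, but that is inferred and not visible in this file. I would add a line above the CREATE TABLE such as `-- One row per configured secret: digest is a hash of the key from the .conf, never the key itself`, once confirmed against the server code. If that reading is right, anyone with read access to this table can test guesses against the digest, so the configured key needs to be high-entropy. Separately, `not null` on the two column lines is lowercase while the `account` columns in this file use `NOT NULL`.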
@@ -29,7 +52,7 @@ CREATE TABLE `account` (
`sessionkey` varchar(80) NOT NULL DEFAULT '',
`v` varchar(64) NOT NULL DEFAULT '',
`s` varchar(64) NOT NULL DEFAULT '',
- `token_key` varchar(100) NOT NULL DEFAULT '',
+ `totp_secret` varbinary(128) DEFAULT NULL,
`email` varchar(255) NOT NULL DEFAULT '',
`reg_mail` varchar(255) NOT NULL DEFAULT '',
`joindate` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
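Review bot: The `totp_secret` column gives no indication of whether the stored bytes are a raw or an encrypted seed, and per the commit description encryption applies only when TOTPTokenSecret is set in the .conf. Someone handling a dump or backup of `account` cannot tell which rows are protected, and with the key unset the seeds are presumably stored in the clear. A column comment would help, e.g. `COMMENT 'TOTP seed as raw bytes; AES-encrypted when TOTPTokenSecret is configured; NULL = 2FA off'`, with the wording confirmed against the server code. The move from `NOT NULL DEFAULT ''` to `DEFAULT NULL` also means every reader must treat NULL, not the empty string, as "no second factor". The CREATE TABLE statement starts and ends outside this hunk.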
@@ -968,6 +991,9 @@ INSERT INTO `rbac_linked_permissions` VALUES
(199,223),
(199,225),
(199,263),
+(199,378),
+(199,379),
+(199,380),
(199,496),
(199,507),
(199,525),
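Review bot: Permission 380 (`Command: account 2fa remove`, defined in the rbac_permissions hunk) is linked to role 199 alongside setup, so every holder of that role who can enrol a second factor can also drop it. Whether the command requires the current token before clearing `totp_secret` is not visible in this file; without that check the second factor adds little once a session is already compromised. This is worth confirming in the command handler. Role 199 is defined outside the hunk, so a note in the commit message saying which role it is would make the grant easier to audit.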
@@ -1219,6 +1245,10 @@ INSERT INTO `rbac_permissions` VALUES
(375,'Command: gm list'),
(376,'Command: gm visible'),
(377,'Command: go'),
+(378,'Command: account 2fa'),
+(379,'Command: account 2fa setup'),
+(380,'Command: account 2fa remove'),
+(381,'Command: account set 2fa'),
(387,'Command: gobject'),
(388,'Command: gobject activate'),
(389,'Command: gobject add'),
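Review bot: Permission 381 (`Command: account set 2fa`) is added here, but none of this commit's changes to the file add an `rbac_linked_permissions` row for it; only 378–380 are linked, to role 199. If that is deliberate (an administrative command that must be granted explicitly), saying so in the commit message would stop someone later "fixing" it by linking it to a broad role. If it is an omission, the matching link row belongs in the `rbac_linked_permissions` INSERT. The INSERT statement starts and ends outside this hunk.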
@@ -1800,7 +1830,9 @@ INSERT INTO `updates` VALUES
('2019_06_21_00_auth.sql','C519239830204B68E710F698BC0C9E89B6D5FD24','ARCHIVED','2019-06-21 00:00:00',0),
('2019_07_15_00_auth.sql','64B491CD197A4466D7F739D67DD30C9502FF393A','ARCHIVED','2019-07-15 00:00:00',0),
('2019_07_16_00_auth.sql','36CB53A9EBD64BFDCF7030083E36E534F1753773','ARCHIVED','2019-07-16 00:00:00',0),
-('2019_07_17_00_auth.sql','4F983F039904894ACC483BE885676C5F0A18F06B','ARCHIVED','2019-07-17 00:00:00',0);
+('2019_07_17_00_auth.sql','4F983F039904894ACC483BE885676C5F0A18F06B','ARCHIVED','2019-07-17 00:00:00',0),
+('2019_08_10_00_auth.sql','E936802893474BB9B459D01BB5F181F54EDF0653','ARCHIVED','2019-08-10 00:00:00',0),
+('2019_08_10_01_auth.sql','C58357260F0C70DA226A71F7E05DE2C49AAEFD74','ARCHIVED','2019-08-10 00:00:00',0);
/*!40000 ALTER TABLE `updates` ENABLE KEYS */;
UNLOCK TABLES;