Core/Auth: Implement time-based token for user login as described in RFC 6238.

New column in account table is a base32 of token key bytes, coincidentally it is the same format Google's Authenticator Android app uses. If you want that to work, set system time on server correctly and use ntpd. Closes #10527 Signed-off-by: Nay <dnpd.dd@gmail.com>
author: raczman <raczman@gmail.com> 2013-08-25 14:02:40 +0100
committer: Nay <dnpd.dd@gmail.com> 2013-08-25 14:02:40 +0100
commit: ba22baebbd1394cc69366d7a19d879da43885430 (patch)
tree: ef30974328e765cde2b8fea6be2bc4fca53a5bf1 /sql
parent: e96aa444b07eb6d9b96b37bcef7742ad96225fb4 (diff)
2 files changed, 2 insertions, 0 deletions
diff --git a/sql/base/auth_database.sql b/sql/base/auth_database.sql
index 1f247a6b8ef..77f997a1718 100644
--- a/sql/base/auth_database.sql
+++ b/sql/base/auth_database.sql
@@ -29,6 +29,7 @@ CREATE TABLE `account` (
   `sessionkey` varchar(80) NOT NULL DEFAULT '',
   `v` varchar(64) NOT NULL DEFAULT '',
   `s` varchar(64) NOT NULL DEFAULT '',
+  `token_key` varchar(100) NOT NULL DEFAULT '',
   `email` varchar(254) NOT NULL DEFAULT '',
   `joindate` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   `last_ip` varchar(15) NOT NULL DEFAULT '127.0.0.1',
diff --git a/sql/updates/auth/2013_08_25_00_auth.sql b/sql/updates/auth/2013_08_25_00_auth.sql
new file mode 100644
index 00000000000..d1abc9eb958
--- /dev/null
+++ b/sql/updates/auth/2013_08_25_00_auth.sql
@@ -0,0 +1 @@
+ALTER TABLE `account` ADD COLUMN `token_key` varchar(100) NOT NULL DEFAULT '' AFTER `s`;
author	raczman <raczman@gmail.com>	2013-08-25 14:02:40 +0100
committer	Nay <dnpd.dd@gmail.com>	2013-08-25 14:02:40 +0100
commit	ba22baebbd1394cc69366d7a19d879da43885430 (patch)
tree	ef30974328e765cde2b8fea6be2bc4fca53a5bf1 /sql
parent	e96aa444b07eb6d9b96b37bcef7742ad96225fb4 (diff)