Commit graph

10 commits

Author SHA1 Message Date
Taavi Väänänen 6ef3d2418a
Database-level support for multiple auth devices
This adds new database tables to support storing multiple authentication
factors for a single user. The current approach taken is to use a single
database row per 2fa method and key. The current module/key abstraction
will have to be updated to support having multiple module types for a
single user (for example for having a separate module for recovery
codes), but this patch does not address that and instead keeps the
existing limitations, however the needed updates for that should be
doable with this database schema.

I've decided to add a new table instead of modifying the existing
oathauth_users table. This is mainly because adding an auto_increment
column to the existing table would be difficult, but also allows us to
update the table definition to follow MW conventions (namely the column
name prefixes). I've also used the opportunity to normalize the device
types onto a separate table.

The migration stage variable is set to SCHEMA_COMPAT_NEW so that
third-party wikis can use update.php normally and don't have to adjust
anything. This means that it needs to be manually set to _OLD on
wmf-config before merging this patch.

Since we're already working with the database schema, this add a new,
currently unused column for the creation data, so that T242847 will not
require a new schema change.

Bug: T242031
Bug: T242847
Change-Id: I6aa69c089340434737b55201b80398708a70c355
2023-02-24 15:33:00 +02:00
jenkins-bot f0c3d426db Merge "Drop broken postgres/patch-oathauth_users-drop-id-nextval.sql" 2022-09-30 08:15:59 +00:00
Kunal Mehta 751cce3259 Drop broken postgres/patch-oathauth_users-drop-id-nextval.sql
This patch has a syntax error. Once fixed, after it's applied to
the original postgres schema (P31006) it makes no difference and
can safely be dropped.

Bug: T312744
Change-Id: Ief18c3a428979d6c7f3592b5763630ac19b85d83
2022-09-29 22:34:19 -04:00
Umherirrender c1c8cf8e49 Bump minimum required version for upgrade to 1.31
Remove sql patches, mention the gerrit change to check version
- patch-remove_reset.sql - Ife5f1bae4ad65b66c5e20017cc43c0576b4aba19

Change-Id: Iae21017f7724390470ca89f492ef26f8ea36e0ad
2022-07-11 19:01:36 +02:00
Reedy de936aef6a Convert OATHAuth to abstract schema
Bug: T268564
Change-Id: I251fac0e1939cc84e7eab3e7514e07c81b2b0f1e
2022-02-18 10:36:56 +00:00
Reedy 9952cf8ee6 Make SQLite compatible patches
Bug: T264492
Change-Id: I622b177015740ca5f6f625250efa3d4ad71be448
2020-10-04 20:40:27 +00:00
Reedy 86986442f9 Remove Oracle and MSSQL schemas
MSSQL schema wasn't even plumbed in...

Change-Id: I07061b5e3ceb2464e6def363c6fe5b18ad4ce225
2019-12-10 14:27:55 +00:00
Dejan Savuljesku ea984e5c2b Refactor the extension to support multiple auth modules
Please note, this patch requires a schema change before merging

Change-Id: I71286534d21d95083436d64d79811943c1a1d032
ERM: #14484
Bug: T218210
2019-06-18 10:45:21 +00:00
Tyler Anthony Romeo d2097fbcaf Add non-MySQL database support
Created patch files for other database types.
Note that some types, such as Oracle, are
not guaranteed to work, since not even MW
core works with them yet anyway.

Bug: T67658
Change-Id: Ie9ce8a4d1140d16017c1aa83865f79d8b0986528
2016-10-31 19:06:52 +00:00
Tyler Anthony Romeo 89455cdfb2 Refactor extension key storage
This takes out the actual key information from
OATHUser and puts it into an OATHKey class, which OATHUser
depends on. This allows easily swapping keys in/out from
a user.

Change-Id: Ife5f1bae4ad65b66c5e20017cc43c0576b4aba19
2016-03-22 18:08:45 -07:00