aboutsummaryrefslogtreecommitdiffstats
path: root/models/auth
Commit message (Collapse)AuthorAgeFilesLines
...
* WebAuthn CredentialID field needs to be increased in size (#20530)zeripath2022-07-302-14/+9
| | | | | | | | | | | | | WebAuthn have updated their specification to set the maximum size of the CredentialID to 1023 bytes. This is somewhat larger than our current size and therefore we need to migrate. The PR changes the struct to add CredentialIDBytes and migrates the CredentialID string to the bytes field before another migration drops the old CredentialID field. Another migration renames this field back. Fix #20457 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add more linters to improve code readability (#19989)Wim2022-06-201-4/+4
| | | | | | | | | | Add nakedret, unconvert, wastedassign, stylecheck and nolintlint linters to improve code readability - nakedret - https://github.com/alexkohler/nakedret - nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length. - unconvert - https://github.com/mdempsky/unconvert - Remove unnecessary type conversions - wastedassign - https://github.com/sanposhiho/wastedassign - wastedassign finds wasted assignment statements. - notlintlint - Reports ill-formed or insufficient nolint directives - stylecheck - https://staticcheck.io/docs/checks/#ST - keep style consistent - excluded: [ST1003 - Poorly chosen identifier](https://staticcheck.io/docs/checks/#ST1003) and [ST1005 - Incorrectly formatted error string](https://staticcheck.io/docs/checks/#ST1005)
* Move almost all functions' parameter db.Engine to context.Context (#19748)Lunny Xiao2022-05-202-113/+54
| | | | * Move almost all functions' parameter db.Engine to context.Context * remove some unnecessary wrap functions
* Delete user related oauth stuff on user deletion too (#19677)65432022-05-111-0/+20
| | | | | * delete user related oauth stuff on user deletion too * extend doctor check-db-consistency
* Fix some slice problems (incorrect slice length) (#19592)Lunny Xiao2022-05-031-1/+1
|
* Use a struct as test options (#19393)Lunny Xiao2022-04-141-7/+10
| | | | | | | * Use a struct as test options * Fix name * Fix test
* Attempt to fix the webauthn migration again - part 3 (#18770)zeripath2022-02-161-1/+1
| | | | | | | | v208.go is seriously broken as it misses an ID() check. We need to no-op and remigrate all of the u2f keys. See #18756 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use `CryptoRandomBytes` instead of `CryptoRandomString` (#18439)Gusted2022-02-041-4/+18
| | | | | | - Switch to use `CryptoRandomBytes` instead of `CryptoRandomString`, OAuth's secrets are copied pasted and don't need to avoid dubious characters etc. - `CryptoRandomBytes` gives ![2^256 = 1.15 * 10^77](https://render.githubusercontent.com/render/math?math=2^256%20=%201.15%20\cdot%2010^77) `CryptoRandomString` gives ![62^44 = 7.33 * 10^78](https://render.githubusercontent.com/render/math?math=62^44%20=%207.33%20\cdot%2010^78) possible states. - Add a prefix, such that code scanners can easily grep these in source code. - 32 Bytes + prefix
* Use base32 for 2FA scratch token (#18384)wxiaoguang2022-01-261-2/+6
| | | | * Use base32 for 2FA scratch token * rename Secure* to Crypto*, add comments
* format with gofumpt (#18184)65432022-01-201-7/+7
| | | | | | | | | | | * gofumpt -w -l . * gofumpt -w -l -extra . * Add linter * manual fix * change make fmt
* Webauthn nits (#18284)zeripath2022-01-152-9/+9
| | | | | | | This contains some additional fixes and small nits related to #17957 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Support webauthn (#17957)Lunny Xiao2022-01-145-255/+292
| | | | | | | Migrate from U2F to Webauthn Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor auth package (#17962)Lunny Xiao2022-01-029-0/+1812
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-04 06:20:41 +0000