Grot (@grafanabot)
30b91296ad
* Auth: Allow soft token revocation (#31601)
* Add revoked_at field to user auth token to allow soft revokes
* Allow soft token revocations
* Update token revocations and tests
* Return error info on revokedTokenErr
* Override session cookie only when no revokedErr nor API request
* Display modal on revoked token error
* Feedback: Refactor TokenRevokedModal to FC
* Add GetUserRevokedTokens into UserTokenService
* Backendsrv: adds tests and refactors soft token path
* Apply feedback
* Write redirect cookie on token revoked error
* Update TokenRevokedModal style
* Return meaningful error info
* Some UI changes
* Update backend_srv tests
* Minor style fix on backend_srv tests
* Replace deprecated method usage to publish events
* Fix backend_srv tests
* Apply suggestions from code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Apply suggestions from code review
* Apply suggestions from code review
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Minor style fix after PR suggestion commit
* Apply suggestions from code review
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
* Prettier fixes
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
(cherry picked from commit 610999cfa2)
* Back to the old method to emit app events
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
48 lines
1.8 KiB
Go
48 lines
1.8 KiB
Go
package migrations
|
|
|
|
import (
|
|
. "github.com/grafana/grafana/pkg/services/sqlstore/migrator"
|
|
)
|
|
|
|
func addUserAuthTokenMigrations(mg *Migrator) {
|
|
userAuthTokenV1 := Table{
|
|
Name: "user_auth_token",
|
|
Columns: []*Column{
|
|
{Name: "id", Type: DB_BigInt, IsPrimaryKey: true, IsAutoIncrement: true},
|
|
{Name: "user_id", Type: DB_BigInt, Nullable: false},
|
|
{Name: "auth_token", Type: DB_NVarchar, Length: 100, Nullable: false},
|
|
{Name: "prev_auth_token", Type: DB_NVarchar, Length: 100, Nullable: false},
|
|
{Name: "user_agent", Type: DB_NVarchar, Length: 255, Nullable: false},
|
|
{Name: "client_ip", Type: DB_NVarchar, Length: 255, Nullable: false},
|
|
{Name: "auth_token_seen", Type: DB_Bool, Nullable: false},
|
|
{Name: "seen_at", Type: DB_Int, Nullable: true},
|
|
{Name: "rotated_at", Type: DB_Int, Nullable: false},
|
|
{Name: "created_at", Type: DB_Int, Nullable: false},
|
|
{Name: "updated_at", Type: DB_Int, Nullable: false},
|
|
},
|
|
Indices: []*Index{
|
|
{Cols: []string{"auth_token"}, Type: UniqueIndex},
|
|
{Cols: []string{"prev_auth_token"}, Type: UniqueIndex},
|
|
{Cols: []string{"user_id"}, Type: IndexType},
|
|
},
|
|
}
|
|
|
|
mg.AddMigration("create user auth token table", NewAddTableMigration(userAuthTokenV1))
|
|
mg.AddMigration("add unique index user_auth_token.auth_token", NewAddIndexMigration(userAuthTokenV1, userAuthTokenV1.Indices[0]))
|
|
mg.AddMigration("add unique index user_auth_token.prev_auth_token", NewAddIndexMigration(userAuthTokenV1, userAuthTokenV1.Indices[1]))
|
|
|
|
mg.AddMigration("add index user_auth_token.user_id", NewAddIndexMigration(userAuthTokenV1, userAuthTokenV1.Indices[2]))
|
|
|
|
mg.AddMigration(
|
|
"Add revoked_at to the user auth token",
|
|
NewAddColumnMigration(
|
|
userAuthTokenV1,
|
|
&Column{
|
|
Name: "revoked_at",
|
|
Type: DB_Int,
|
|
Nullable: true,
|
|
},
|
|
),
|
|
)
|
|
}
|