Merge pull request #8218 from tchak/clean-remove-legacy-token-code

clean(api_token): remove administrateur token support
This commit is contained in:
Paul Chavard 2022-12-08 17:42:36 +01:00 committed by GitHub
commit 169d701a03
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 41 deletions

View file

@ -9,7 +9,7 @@
# user_id :bigint not null # user_id :bigint not null
# #
class Administrateur < ApplicationRecord class Administrateur < ApplicationRecord
self.ignored_columns = [:active] self.ignored_columns = [:active, :encrypted_token]
UNUSED_ADMIN_THRESHOLD = 6.months UNUSED_ADMIN_THRESHOLD = 6.months

View file

@ -38,25 +38,14 @@ class APIToken < ApplicationRecord
# the migration to the APIToken model set `version: 1` for all the v1 and v2 token # the migration to the APIToken model set `version: 1` for all the v1 and v2 token
# this is the only place where we can fix the version # this is the only place where we can fix the version
where(administrateur_id:, version: 1).update_all(version: 2) # update to v2 where(administrateur_id:, version: 1).update_all(version: 2) # update to v2
find_by(administrateur_id:, version: 2)&.then(&ensure_valid_token(plain_token)) || find_by(administrateur_id:, version: 2)&.then(&ensure_valid_token(plain_token))
find_with_administrateur_encrypted_token(plain_token, administrateurs) # before migration
in { plain_token: } # token v1 in { plain_token: } # token v1
where(administrateur: administrateurs, version: 1).find(&ensure_valid_token(plain_token)) || where(administrateur: administrateurs, version: 1).find(&ensure_valid_token(plain_token))
find_with_administrateur_encrypted_token(plain_token, administrateurs) # before migration
end end
end end
private private
# FIXME remove after migration
def find_with_administrateur_encrypted_token(plain_token, administrateurs)
administrateurs
.lazy
.filter { _1.encrypted_token.present? }
.map { APIToken.new(administrateur: _1, encrypted_token: _1.encrypted_token, version: 1) }
.find(&ensure_valid_token(plain_token))
end
UUID_SIZE = SecureRandom.uuid.size UUID_SIZE = SecureRandom.uuid.size
def unpack(maybe_packed_token) def unpack(maybe_packed_token)
case message_verifier.verified(maybe_packed_token) case message_verifier.verified(maybe_packed_token)

View file

@ -121,23 +121,6 @@ describe APIToken, type: :model do
it { expect(result).to be_truthy } it { expect(result).to be_truthy }
end end
end end
context 'with plain token (before migration)' do
before do
administrateur.update(encrypted_token: api_token.encrypted_token)
other_administrateur.update(encrypted_token: other_api_token.encrypted_token)
api_token.destroy
other_api_token.destroy
end
let(:token) { plain_token }
it { expect(result).to be_truthy }
context 'with other plain token' do
let(:token) { other_plain_token }
it { expect(result).to be_truthy }
end
end
end end
context 'with packed token' do context 'with packed token' do
@ -158,16 +141,6 @@ describe APIToken, type: :model do
it { expect(result).to be_truthy } it { expect(result).to be_truthy }
end end
context 'with plain token (before migration)' do
before do
administrateur.update(encrypted_token: api_token.encrypted_token)
api_token.destroy
end
let(:token) { plain_token }
it { expect(result).to be_truthy }
end
context "with valid garbage base64" do context "with valid garbage base64" do
before { api_token.update(version: 1, encrypted_token: BCrypt::Password.create(token)) } before { api_token.update(version: 1, encrypted_token: BCrypt::Password.create(token)) }