Auth Cookie Support (#285)

* Auth cookie support * Add config option for auth cookie support * Safe handling of TEGid/auth_id strings * Fix bad size calculation due to pointer cast * Expiration timestamp instead of valid bit * Change setting to "allowed auth methods" This allows plaintext password auth to be disabled altogether * PR feedback
2026-02-11 14:50:03 +00:00 · 2024-09-17 20:41:48 -07:00
parent 52833f7fb3
commit a6eb0e2349
10 changed files with 185 additions and 36 deletions
--- a/sql/migration4.sql
+++ b/sql/migration4.sql
@@ -0,0 +1,19 @@
+/*
+    It is recommended in the SQLite manual to turn off
+    foreign keys when making schema changes that involve them
+*/
+PRAGMA foreign_keys=OFF;
+BEGIN TRANSACTION;
+-- New table to store auth cookies
+CREATE TABLE Auth (
+    AccountID   INTEGER NOT NULL,
+    Cookie      TEXT NOT NULL,
+    Expires     INTEGER DEFAULT 0 NOT NULL,
+    FOREIGN KEY(AccountID) REFERENCES Accounts(AccountID) ON DELETE CASCADE,
+    UNIQUE (AccountID)
+);
+-- Update DB Version
+UPDATE Meta SET Value = 5 WHERE Key = 'DatabaseVersion';
+UPDATE Meta SET Value = strftime('%s', 'now') WHERE Key = 'LastMigration';
+COMMIT;
+PRAGMA foreign_keys=ON;