feat: hash support for user auth token middleware #65941
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
Scope: Backend
markstory
reviewed
Feb 28, 2024
mdtro
added a commit
that referenced
this pull request
Mar 12, 2024
Add `hashed_token` to `ApiTokenReplica`. Prerequisite for #65941
mdtro
force-pushed
the
mdtro/apitoken-middleware-hash
branch
from
4b13f18 to
334283c
Compare
mdtro
commented
Mar 12, 2024
markstory
reviewed
Mar 13, 2024
mdtro
added a commit
that referenced
this pull request
Mar 14, 2024
In support of: #65941 Adds an index for the `hashed_token` column on `ApiTokenReplica`.
mdtro
force-pushed
the
mdtro/apitoken-middleware-hash
branch
from
086c2f4 to
24c56a4
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #65941 +/- ##
=======================================
Coverage 84.32% 84.32%
=======================================
Files 5306 5306
Lines 237077 237093 +16
Branches 41000 41001 +1
=======================================
+ Hits 199904 199922 +18
+ Misses 36955 36953 -2
Partials 218 218
|
JonasBa
pushed a commit
that referenced
this pull request
Mar 17, 2024
In support of: #65941 Adds an index for the `hashed_token` column on `ApiTokenReplica`.
- add tests for the hashing logic pre and post request - refactored helper function to return related user and application - call the helper function when authentication is happening under control silo mode
mdtro
force-pushed
the
mdtro/apitoken-middleware-hash
branch
from
88a554f to
3a736dc
Compare
|
PR reverted: 92e8bd5 |
getsentry-bot
added a commit
that referenced
this pull request
Mar 18, 2024
This reverts commit 3ae4a10. Co-authored-by: mdtro <20070360+mdtro@users.noreply.github.com>
mdtro
added a commit
that referenced
this pull request
Apr 2, 2024
- Update the `UserAuthTokenAuthentication` middleware to support hashed token values. As tokens are used, it will store the appropriate hash value. - Use an option, `apitoken.use-and-update-hash-rate` that will apply the code paths using the hashed values for lookups and updating the hashed values on plaintext tokens randomly based on the configured rate. - Introduce a temporary option, `apitoken.save-hash-on-create`. This will be used in the model logic and in pre and post backfill migration tests in the future. This previously resulted in INC-684 via PR #65941. The `hashed_token` and `hashed_refresh_token` columns now have indexes.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
UserAuthTokenAuthenticationmiddleware to support hashed token values. As tokens are used, it will store the appropriate hash value.apitoken.save-hash-on-create. This will be used in the model logic and in pre and post backfill migration tests in the future.