Add migration.

go-gitea · lunny · Oct 14, 2023 · Jul 14, 2023 · Jul 17, 2023 · Jul 25, 2023
commit c47e8c9d867289b3972d0f8b64026b94d6970f29
diff --git a/models/auth/auth_token.go b/models/auth/auth_token.go
@@ -15,7 +15,7 @@ import (
 
 var ErrAuthTokenNotExist = util.NewNotExistErrorf("auth token does not exist")
 
-type AuthToken struct {
+type AuthToken struct { //nolint:revive
 	ID          string `xorm:"pk"`
 	TokenHash   string
 	UserID      int64 `xorm:"INDEX"`

diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go
@@ -523,6 +523,8 @@ var migrations = []Migration{
 	NewMigration("Drop deleted branch table", v1_21.DropDeletedBranchTable),
 	// v270 -> v271
 	NewMigration("Fix PackageProperty typo", v1_21.FixPackagePropertyTypo),
+	// v271 -> v272
+	NewMigration("Add auth_token table", v1_21.CreateAuthTokenTable),
 }
 
 // GetCurrentDBVersion returns the current db version

diff --git a/models/migrations/v1_21/v271.go b/models/migrations/v1_21/v271.go
@@ -0,0 +1,21 @@
+// Copyright 2023 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_21 //nolint
+
+import (
+	"code.gitea.io/gitea/modules/timeutil"
+
+	"xorm.io/xorm"
+)
+
+func CreateAuthTokenTable(x *xorm.Engine) error {
+	type AuthToken struct {
+		ID          string `xorm:"pk"`
+		TokenHash   string
+		UserID      int64 `xorm:"INDEX"`
+		ExpiresUnix timeutil.TimeStamp
+	}
+
+	return x.Sync(new(AuthToken))
+}
diff --git a/services/auth/auth_token.go b/services/auth/auth_token.go
@@ -18,6 +18,8 @@ import (
 	"code.gitea.io/gitea/modules/util"
 )
 
+// Based on https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies
+
 var (
 	ErrAuthTokenInvalidFormat = util.NewInvalidArgumentErrorf("auth token has an invalid format")
 	ErrAuthTokenExpired       = util.NewInvalidArgumentErrorf("auth token has expired")