Commit b6d8f26c authored by David Johnson's avatar David Johnson
Browse files

Add a table for subsystem-specific restricted-access user passwords.

parent d0ffff73
......@@ -5185,6 +5185,30 @@ CREATE TABLE `user_stats` (
KEY `uid_uuid` (`uid_uuid`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
--
-- Table structure for table `user_token_passwords`
--
DROP TABLE IF EXISTS `user_token_passwords`;
CREATE TABLE `user_token_passwords` (
`idx` int(10) unsigned NOT NULL AUTO_INCREMENT,
`uid_idx` mediumint(8) unsigned NOT NULL DEFAULT '0',
`uid` varchar(8) NOT NULL DEFAULT '',
`subsystem` varchar(64) NOT NULL,
`scope_type` tinytext,
`scope_value` tinytext,
`username` varchar(64) NOT NULL,
`plaintext` varchar(64) NOT NULL DEFAULT '',
`hash` varchar(64) NOT NULL,
`issued` datetime NOT NULL,
`expiration` datetime DEFAULT NULL,
`token_lifetime` int(10) unsigned NOT NULL,
`token_onetime` tinyint(1) NOT NULL DEFAULT '0',
`system` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`idx`),
UNIQUE KEY `user_token` (`subsystem`,`username`,`plaintext`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
--
-- Table structure for table `users`
--
......
#
# New table for storing alternate user/system passwords that user
# clients can use to obtain temporary-, restricted-access tokens.
# Currently, only the Docker image registry uses this table. However,
# it was designed to support backend-specific granular password
# authentication, so we'll see if that is ever helpful for anything
# else.
#
use strict;
use libdb;
sub DoUpdate($$$)
{
my ($dbhandle, $dbname, $version) = @_;
if (!DBTableExists("user_token_passwords")) {
DBQueryFatal("CREATE TABLE `user_token_passwords` (".
" `idx` int(10) unsigned NOT NULL AUTO_INCREMENT,".
" `uid_idx` mediumint(8) unsigned NOT NULL DEFAULT '0',".
" `uid` varchar(8) NOT NULL DEFAULT '',".
" `subsystem` varchar(64) NOT NULL,".
" `scope_type` tinytext,".
" `scope_value` tinytext,".
" `username` varchar(64) NOT NULL,".
" `plaintext` varchar(64) NOT NULL DEFAULT '',".
" `hash` varchar(64) NOT NULL,".
" `issued` datetime NOT NULL,".
" `expiration` datetime DEFAULT NULL,".
" `token_lifetime` int(10) unsigned NOT NULL,".
" `token_onetime` tinyint(1) NOT NULL DEFAULT '0',".
" `system` tinyint(1) NOT NULL DEFAULT '0',".
" PRIMARY KEY (`idx`),".
" UNIQUE KEY `user_token` (`subsystem`,`username`,".
" `plaintext`)".
") ENGINE=MyISAM DEFAULT CHARSET=latin1;");
}
return 0;
}
1;
# Local Variables:
# mode:perl
# End:
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment