Hash UserTokens for security improvement

2024-12-27 13:02:39 +01:00
parent caab707a17
commit 771fc8675f
10 changed files with 767 additions and 272 deletions
--- a/Core/Configuration/Patch/2024-12-08_UserToken-hashed.php
+++ b/Core/Configuration/Patch/2024-12-08_UserToken-hashed.php
@@ -0,0 +1,17 @@
+<?php
+
+use Core\Driver\SQL\Column\Column;
+use Core\Driver\SQL\Column\StringColumn;
+use Core\Driver\SQL\Expression\Hash;
+use Core\Objects\DatabaseEntity\UserToken;
+
+$handler = UserToken::getHandler($sql);
+$columnSize = 512 / 8 * 2; // sha512 as hex
+$tokenTable = $handler->getTableName();
+$tokenColumn = $handler->getColumnName("token");
+
+$queries[] = $sql->alterTable($tokenTable)
+  ->modify(new StringColumn($tokenColumn, $columnSize));
+
+$queries[] = $sql->update($tokenTable)
+  ->set($tokenColumn, new Hash(Hash::SHA_512, new Column($tokenColumn)));
--- a/Core/Configuration/Patch/2024-12-27_Session-last-online.php
+++ b/Core/Configuration/Patch/2024-12-27_Session-last-online.php
@@ -0,0 +1,9 @@
+<?php
+
+use Core\Driver\SQL\Column\DateTimeColumn;
+use Core\Driver\SQL\Expression\CurrentTimeStamp;
+use Core\Objects\DatabaseEntity\Session;
+
+$handler = Session::getHandler($sql);
+$queries[] = $sql->alterTable($handler->getTableName())
+->add(new DateTimeColumn($handler->getColumnName("lastOnline"), false, new CurrentTimeStamp()));