[Bug 30592] New: Move borrowers.secret to a new generic credentials table
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 Bug ID: 30592 Summary: Move borrowers.secret to a new generic credentials table Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Architecture, internals, and plumbing Assignee: koha-bugs@lists.koha-community.org Reporter: m.de.rooy@rijksmuseum.nl QA Contact: testopia@bugs.koha-community.org This generic credentials table should allow for storing other secrets, passwords, etc. too. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@ptfs-europe | |.com Depends on| |29924 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29924 [Bug 29924] Introduce password expiration to patron categories -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on|29924 |28998 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28998 [Bug 28998] Encrypt borrowers.secret https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29924 [Bug 29924] Introduce password expiration to patron categories -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=29924 -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 Bug 30592 depends on bug 28998, which changed state. Bug 28998 Summary: Encrypt borrowers.secret https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28998 What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to master |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jonathan.druart@gmail.com, | |kyle@bywatersolutions.com, | |tomascohen@gmail.com Assignee|koha-bugs@lists.koha-commun |tomascohen@gmail.com |ity.org | --- Comment #1 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Throwing this to start the conversation: ```sql CREATE TABLE `patron_credentials` ( `patron_credential_id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'primary key, Koha assigned ID number for patron credentials', `patron_id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'Foreign key to the patron the credential belongs to', `type` ENUM('password','two-factor') NOT NULL COMMENT 'Credential type', `created_on` timestamp NULL DEFAULT NULL COMMENT 'Time and date the credential was created', `updated_on` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp() COMMENT 'Time and date of the latest change on the credential', `value` mediumtext DEFAULT NULL COMMENT 'Credential value', PRIMARY KEY (`patron_credential_id`), CONSTRAINT `patron_id_ibfk_1` FOREIGN KEY (`patron_id`) REFERENCES `borrowers` (`borrowernumber`) ON DELETE CASCADE ON UPDATE CASCADE,, ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; ``` Thoughts? -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 --- Comment #2 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Type for access_token, uuid ? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |evelyn@bywatersolutions.com --- Comment #3 from Tomás Cohen Arazi <tomascohen@gmail.com> --- @Marcel: That's interesting. Both `oauth_access_tokens` and `borrower_password_recovery` tables follow the same pattern. Maybe 2FA should be moved into such table; and yeah, they could converge into this table. aving `valid_until` would make sense to me. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 Nick Clemens (kidclamp) <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nick@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30592 --- Comment #4 from David Cook <dcook@prosentient.com.au> --- (In reply to Marcel de Rooy from comment #2)
Type for access_token, uuid ?
I don't think you'd need "uuid" as that's a data type, but rather something something like "self-registration-token". So I don't think using an ENUM for "type" is a good idea. Better to manage that in the software I think, especially as you might have Koha plugins adding credentials. -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org