Refactor App Passwords
Closed this issue · 0 comments
julien731 commented
For reasons that are stated in #29, the app passwords component needs a refactoring. What seems to be the best solution is the creation of a custom database table.
This would have multiple advantages:
- easy to store app passwords and backup codes in the same table
- super simple to look up an app password
- no messy array to play with to invalidate a code
- no weird process to make sure that a key of a hash is unique (yeah it sounds weird)
The custom table should be something like this:
ID | user_id | key | type | count
If we go that way, though, it would make sense that the access log has its own custom table as well. The current access log has the following information:
- key (the app password hash key. Yeah, the weird thing)
- last_used
- ip
- user_agent
- method
It goes without saying that an upgrade routine will be necessary...
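
A sketch of the table proposed above, as an added example that is not part of the original issue or the project's code: it uses Python's `sqlite3` to show the unique hash column, a single-query lookup and single-use backup codes. The `type` values, the meaning of `count` (successful uses), the SHA-256 hashing and all function names are assumptions.

```python
import hashlib
import secrets
import sqlite3

# Assumed schema: columns follow the issue's sketch; the type values and the
# meaning of "count" (number of successful uses) are assumptions.
SCHEMA = """
CREATE TABLE app_passwords (
    id      INTEGER PRIMARY KEY,
    user_id INTEGER NOT NULL,
    key     TEXT    NOT NULL UNIQUE,  -- hash of the secret, never the secret
    type    TEXT    NOT NULL CHECK (type IN ('app_password', 'backup_code')),
    count   INTEGER NOT NULL DEFAULT 0
);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def digest(secret):
    # A fast hash is acceptable here only because the secret is random.
    return hashlib.sha256(secret.encode()).hexdigest()

def issue(db, user_id, kind):
    """Create a credential and return the plaintext once; only the hash is stored."""
    secret = secrets.token_urlsafe(24)
    with db:
        db.execute("INSERT INTO app_passwords (user_id, key, type) VALUES (?, ?, ?)",
                   (user_id, digest(secret), kind))
    return secret

def verify(db, user_id, secret):
    """Return the credential type on success, None otherwise.
    Backup codes are single-use: the row is deleted in the same transaction."""
    with db:
        row = db.execute("SELECT id, type FROM app_passwords WHERE user_id = ? AND key = ?",
                         (user_id, digest(secret))).fetchone()
        if row is None:
            return None
        if row[1] == "backup_code":
            db.execute("DELETE FROM app_passwords WHERE id = ?", (row[0],))
        else:
            db.execute("UPDATE app_passwords SET count = count + 1 WHERE id = ?", (row[0],))
    return row[1]

def use_count(db, secret):
    row = db.execute("SELECT count FROM app_passwords WHERE key = ?", (digest(secret),)).fetchone()
    return None if row is None else row[0]
```

The `UNIQUE` constraint on `key` lets the database enforce hash uniqueness, and invalidating a backup code is a single `DELETE` by row id.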