Remove plaintext Fever password from database
This commit is contained in:
parent
93f90dae68
commit
37bc451741
8 changed files with 23 additions and 24 deletions
|
@ -12,7 +12,7 @@ import (
|
||||||
"miniflux.app/logger"
|
"miniflux.app/logger"
|
||||||
)
|
)
|
||||||
|
|
||||||
const schemaVersion = 38
|
const schemaVersion = 39
|
||||||
|
|
||||||
// Migrate executes database migrations.
|
// Migrate executes database migrations.
|
||||||
func Migrate(db *sql.DB) {
|
func Migrate(db *sql.DB) {
|
||||||
|
|
|
@ -192,6 +192,8 @@ create index entries_user_feed_idx on entries (user_id, feed_id);
|
||||||
"schema_version_36": `CREATE INDEX entries_feed_id_status_hash_idx ON entries USING btree (feed_id, status, hash);`,
|
"schema_version_36": `CREATE INDEX entries_feed_id_status_hash_idx ON entries USING btree (feed_id, status, hash);`,
|
||||||
"schema_version_37": `CREATE INDEX entries_user_id_status_starred_idx ON entries (user_id, status, starred);`,
|
"schema_version_37": `CREATE INDEX entries_user_id_status_starred_idx ON entries (user_id, status, starred);`,
|
||||||
"schema_version_38": `alter table users add column entry_swipe boolean default 't';
|
"schema_version_38": `alter table users add column entry_swipe boolean default 't';
|
||||||
|
`,
|
||||||
|
"schema_version_39": `ALTER TABLE integrations DROP COLUMN fever_password;
|
||||||
`,
|
`,
|
||||||
"schema_version_4": `create type entry_sorting_direction as enum('asc', 'desc');
|
"schema_version_4": `create type entry_sorting_direction as enum('asc', 'desc');
|
||||||
alter table users add column entry_direction entry_sorting_direction default 'asc';
|
alter table users add column entry_direction entry_sorting_direction default 'asc';
|
||||||
|
@ -254,6 +256,7 @@ var SqlMapChecksums = map[string]string{
|
||||||
"schema_version_36": "8164be7818268ad3d4bdcad03a7868b58e32b27cde9b4f056cd82f7b182a0722",
|
"schema_version_36": "8164be7818268ad3d4bdcad03a7868b58e32b27cde9b4f056cd82f7b182a0722",
|
||||||
"schema_version_37": "fc9eb1b452341664ddf24c1a9cf01502ac2578136e54a4853081652959285cb9",
|
"schema_version_37": "fc9eb1b452341664ddf24c1a9cf01502ac2578136e54a4853081652959285cb9",
|
||||||
"schema_version_38": "e91d2f4075ceb7b8a16a25f350f36dee12cfd1ad86b8b6414c4cf2e9a003358c",
|
"schema_version_38": "e91d2f4075ceb7b8a16a25f350f36dee12cfd1ad86b8b6414c4cf2e9a003358c",
|
||||||
|
"schema_version_39": "b0f90b97502921d4681a07c64d180a91a0b4ccac7d3c1dbe30519ad6f1bf1737",
|
||||||
"schema_version_4": "216ea3a7d3e1704e40c797b5dc47456517c27dbb6ca98bf88812f4f63d74b5d9",
|
"schema_version_4": "216ea3a7d3e1704e40c797b5dc47456517c27dbb6ca98bf88812f4f63d74b5d9",
|
||||||
"schema_version_5": "46397e2f5f2c82116786127e9f6a403e975b14d2ca7b652a48cd1ba843e6a27c",
|
"schema_version_5": "46397e2f5f2c82116786127e9f6a403e975b14d2ca7b652a48cd1ba843e6a27c",
|
||||||
"schema_version_6": "9d05b4fb223f0e60efc716add5048b0ca9c37511cf2041721e20505d6d798ce4",
|
"schema_version_6": "9d05b4fb223f0e60efc716add5048b0ca9c37511cf2041721e20505d6d798ce4",
|
||||||
|
|
1
database/sql/schema_version_39.sql
Normal file
1
database/sql/schema_version_39.sql
Normal file
|
@ -0,0 +1 @@
|
||||||
|
ALTER TABLE integrations DROP COLUMN fever_password;
|
|
@ -16,7 +16,6 @@ type Integration struct {
|
||||||
InstapaperPassword string
|
InstapaperPassword string
|
||||||
FeverEnabled bool
|
FeverEnabled bool
|
||||||
FeverUsername string
|
FeverUsername string
|
||||||
FeverPassword string
|
|
||||||
FeverToken string
|
FeverToken string
|
||||||
WallabagEnabled bool
|
WallabagEnabled bool
|
||||||
WallabagURL string
|
WallabagURL string
|
||||||
|
|
|
@ -56,7 +56,6 @@ func (s *Storage) Integration(userID int64) (*model.Integration, error) {
|
||||||
instapaper_password,
|
instapaper_password,
|
||||||
fever_enabled,
|
fever_enabled,
|
||||||
fever_username,
|
fever_username,
|
||||||
fever_password,
|
|
||||||
fever_token,
|
fever_token,
|
||||||
wallabag_enabled,
|
wallabag_enabled,
|
||||||
wallabag_url,
|
wallabag_url,
|
||||||
|
@ -87,7 +86,6 @@ func (s *Storage) Integration(userID int64) (*model.Integration, error) {
|
||||||
&integration.InstapaperPassword,
|
&integration.InstapaperPassword,
|
||||||
&integration.FeverEnabled,
|
&integration.FeverEnabled,
|
||||||
&integration.FeverUsername,
|
&integration.FeverUsername,
|
||||||
&integration.FeverPassword,
|
|
||||||
&integration.FeverToken,
|
&integration.FeverToken,
|
||||||
&integration.WallabagEnabled,
|
&integration.WallabagEnabled,
|
||||||
&integration.WallabagURL,
|
&integration.WallabagURL,
|
||||||
|
@ -127,22 +125,21 @@ func (s *Storage) UpdateIntegration(integration *model.Integration) error {
|
||||||
instapaper_password=$7,
|
instapaper_password=$7,
|
||||||
fever_enabled=$8,
|
fever_enabled=$8,
|
||||||
fever_username=$9,
|
fever_username=$9,
|
||||||
fever_password=$10,
|
fever_token=$10,
|
||||||
fever_token=$11,
|
wallabag_enabled=$11,
|
||||||
wallabag_enabled=$12,
|
wallabag_url=$12,
|
||||||
wallabag_url=$13,
|
wallabag_client_id=$13,
|
||||||
wallabag_client_id=$14,
|
wallabag_client_secret=$14,
|
||||||
wallabag_client_secret=$15,
|
wallabag_username=$15,
|
||||||
wallabag_username=$16,
|
wallabag_password=$16,
|
||||||
wallabag_password=$17,
|
nunux_keeper_enabled=$17,
|
||||||
nunux_keeper_enabled=$18,
|
nunux_keeper_url=$18,
|
||||||
nunux_keeper_url=$19,
|
nunux_keeper_api_key=$19,
|
||||||
nunux_keeper_api_key=$20,
|
pocket_enabled=$20,
|
||||||
pocket_enabled=$21,
|
pocket_access_token=$21,
|
||||||
pocket_access_token=$22,
|
pocket_consumer_key=$22
|
||||||
pocket_consumer_key=$23
|
|
||||||
WHERE
|
WHERE
|
||||||
user_id=$24
|
user_id=$23
|
||||||
`
|
`
|
||||||
_, err := s.db.Exec(
|
_, err := s.db.Exec(
|
||||||
query,
|
query,
|
||||||
|
@ -155,7 +152,6 @@ func (s *Storage) UpdateIntegration(integration *model.Integration) error {
|
||||||
integration.InstapaperPassword,
|
integration.InstapaperPassword,
|
||||||
integration.FeverEnabled,
|
integration.FeverEnabled,
|
||||||
integration.FeverUsername,
|
integration.FeverUsername,
|
||||||
integration.FeverPassword,
|
|
||||||
integration.FeverToken,
|
integration.FeverToken,
|
||||||
integration.WallabagEnabled,
|
integration.WallabagEnabled,
|
||||||
integration.WallabagURL,
|
integration.WallabagURL,
|
||||||
|
|
|
@ -47,7 +47,6 @@ func (i IntegrationForm) Merge(integration *model.Integration) {
|
||||||
integration.InstapaperPassword = i.InstapaperPassword
|
integration.InstapaperPassword = i.InstapaperPassword
|
||||||
integration.FeverEnabled = i.FeverEnabled
|
integration.FeverEnabled = i.FeverEnabled
|
||||||
integration.FeverUsername = i.FeverUsername
|
integration.FeverUsername = i.FeverUsername
|
||||||
integration.FeverPassword = i.FeverPassword
|
|
||||||
integration.WallabagEnabled = i.WallabagEnabled
|
integration.WallabagEnabled = i.WallabagEnabled
|
||||||
integration.WallabagURL = i.WallabagURL
|
integration.WallabagURL = i.WallabagURL
|
||||||
integration.WallabagClientID = i.WallabagClientID
|
integration.WallabagClientID = i.WallabagClientID
|
||||||
|
|
|
@ -38,7 +38,6 @@ func (h *handler) showIntegrationPage(w http.ResponseWriter, r *http.Request) {
|
||||||
InstapaperPassword: integration.InstapaperPassword,
|
InstapaperPassword: integration.InstapaperPassword,
|
||||||
FeverEnabled: integration.FeverEnabled,
|
FeverEnabled: integration.FeverEnabled,
|
||||||
FeverUsername: integration.FeverUsername,
|
FeverUsername: integration.FeverUsername,
|
||||||
FeverPassword: integration.FeverPassword,
|
|
||||||
WallabagEnabled: integration.WallabagEnabled,
|
WallabagEnabled: integration.WallabagEnabled,
|
||||||
WallabagURL: integration.WallabagURL,
|
WallabagURL: integration.WallabagURL,
|
||||||
WallabagClientID: integration.WallabagClientID,
|
WallabagClientID: integration.WallabagClientID,
|
||||||
|
|
|
@ -9,8 +9,8 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
"miniflux.app/http/response/html"
|
|
||||||
"miniflux.app/http/request"
|
"miniflux.app/http/request"
|
||||||
|
"miniflux.app/http/response/html"
|
||||||
"miniflux.app/http/route"
|
"miniflux.app/http/route"
|
||||||
"miniflux.app/locale"
|
"miniflux.app/locale"
|
||||||
"miniflux.app/ui/form"
|
"miniflux.app/ui/form"
|
||||||
|
@ -42,7 +42,9 @@ func (h *handler) updateIntegration(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if integration.FeverEnabled {
|
if integration.FeverEnabled {
|
||||||
integration.FeverToken = fmt.Sprintf("%x", md5.Sum([]byte(integration.FeverUsername+":"+integration.FeverPassword)))
|
if integrationForm.FeverPassword != "" {
|
||||||
|
integration.FeverToken = fmt.Sprintf("%x", md5.Sum([]byte(integration.FeverUsername+":"+integrationForm.FeverPassword)))
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
integration.FeverToken = ""
|
integration.FeverToken = ""
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue