Ferreteria/sql/user token: Difference between revisions
< Ferreteria | sql
Jump to navigation
Jump to search
(more secure) |
m (7 revisions imported: moving this project here) |
||
| (4 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
==About== | ==About== | ||
* '''Purpose''': for storing tokens that authorize users to change things associated with an email address (mainly password) | * '''Purpose''': for storing tokens that authorize users to change things associated with an email address (mainly password) | ||
* ''' | ==Fields== | ||
** '''2013-10-03''' created | * '''Type''': type of action being authorized (currently: 1 = create new account, 2 = reset password) | ||
* '''Entity''': value referring to entity being authorized (email address, user ID) | |||
==History== | |||
* '''2013-10-03''' created | |||
* '''2013-12-24''' changed to no longer require a pre-existing email address (using SQL adapted for ATC but never used) | |||
* '''2016-11-17''' revised to allow for different auth types; removed unique key requirement | |||
* '''2017-01-26''' moved to Ferreteria and renamed "user_token" | |||
==SQL== | ==SQL== | ||
<mysql>CREATE TABLE ` | <mysql>CREATE TABLE `user_token` ( | ||
` | `ID` INT NOT NULL AUTO_INCREMENT, | ||
`Type` INT NOT NULL COMMENT "type of action being authorized", | |||
`Entity` VARCHAR(256) NOT NULL COMMENT "value of entity being authorized (username, email address)", | |||
`TokenHash` VARBINARY(128) NOT NULL COMMENT "hash for [token+salt]", | `TokenHash` VARBINARY(128) NOT NULL COMMENT "hash for [token+salt]", | ||
`TokenSalt` VARBINARY(128) NOT NULL COMMENT "random prefix for hash", | `TokenSalt` VARBINARY(128) NOT NULL COMMENT "random prefix for hash", | ||
`WhenExp` DATETIME NOT NULL COMMENT "when the token expires (and should be deleted)", | `WhenExp` DATETIME NOT NULL COMMENT "when the token expires (and should be deleted)", | ||
PRIMARY KEY(`ID`) | |||
) | ) | ||
ENGINE = | ENGINE = InnoDB;</mysql> | ||
Latest revision as of 16:42, 22 May 2022
About
- Purpose: for storing tokens that authorize users to change things associated with an email address (mainly password)
Fields
- Type: type of action being authorized (currently: 1 = create new account, 2 = reset password)
- Entity: value referring to entity being authorized (email address, user ID)
History
- 2013-10-03 created
- 2013-12-24 changed to no longer require a pre-existing email address (using SQL adapted for ATC but never used)
- 2016-11-17 revised to allow for different auth types; removed unique key requirement
- 2017-01-26 moved to Ferreteria and renamed "user_token"
SQL
<mysql>CREATE TABLE `user_token` (
`ID` INT NOT NULL AUTO_INCREMENT, `Type` INT NOT NULL COMMENT "type of action being authorized", `Entity` VARCHAR(256) NOT NULL COMMENT "value of entity being authorized (username, email address)", `TokenHash` VARBINARY(128) NOT NULL COMMENT "hash for [token+salt]", `TokenSalt` VARBINARY(128) NOT NULL COMMENT "random prefix for hash", `WhenExp` DATETIME NOT NULL COMMENT "when the token expires (and should be deleted)", PRIMARY KEY(`ID`)
) ENGINE = InnoDB;</mysql>