Merge branch 'security-if-51113-hash_tokens-11-2' into 'security-11-2'

[11.2] Persist only SHA digest of PersonalAccessToken#token See merge request gitlab/gitlabhq!2553
author: Jan Provaznik <jprovaznik@gitlab.com> 2018-10-23 13:51:00 +0300
committer: Thiago Presa <tpresa@gitlab.com> 2018-10-25 04:00:04 +0300
commit: 2e04a93a2195ae179a933ce120d8ab00a9e0188a (patch)
tree: 6ed840e0eceaffa8e14610510cb1c4426ec89ab2 /lib/tasks
parent: bf097697f543bc2551f88895ca08084420e45068 (diff)
1 files changed, 5 insertions, 9 deletions
diff --git a/lib/tasks/tokens.rake b/lib/tasks/tokens.rake
index 81829668de8..eec024f9bbb 100644
--- a/lib/tasks/tokens.rake
+++ b/lib/tasks/tokens.rake
@@ -1,4 +1,7 @@
 require_relative '../../app/models/concerns/token_authenticatable.rb'
+require_relative '../../app/models/concerns/token_authenticatable_strategies/base.rb'
+require_relative '../../app/models/concerns/token_authenticatable_strategies/insecure.rb'
+require_relative '../../app/models/concerns/token_authenticatable_strategies/digest.rb'
 
 namespace :tokens do
   desc "Reset all GitLab incoming email tokens"
@@ -26,13 +29,6 @@ class TmpUser < ActiveRecord::Base
 
   self.table_name = 'users'
 
-  def reset_incoming_email_token!
-    write_new_token(:incoming_email_token)
-    save!(validate: false)
-  end
-
-  def reset_feed_token!
-    write_new_token(:feed_token)
-    save!(validate: false)
-  end
+  add_authentication_token_field :incoming_email_token, token_generator: -> { SecureRandom.hex.to_i(16).to_s(36) }
+  add_authentication_token_field :feed_token
 end
author	Jan Provaznik <jprovaznik@gitlab.com>	2018-10-23 13:51:00 +0300
committer	Thiago Presa <tpresa@gitlab.com>	2018-10-25 04:00:04 +0300
commit	2e04a93a2195ae179a933ce120d8ab00a9e0188a (patch)
tree	6ed840e0eceaffa8e14610510cb1c4426ec89ab2 /lib/tasks
parent	bf097697f543bc2551f88895ca08084420e45068 (diff)