author: Yorhel <> 2014-10-16 13:46:23 +0200
committer: Yorhel <> 2014-10-16 13:46:23 +0200
commit: fab1253dbb4e7064c4c29fd4b4b34d6cd1c6734c (patch)
tree: ced71fabb224616e1b430a009be9844c9686f020 /util
parent: 5faaa1f3b1dfc53f59e7f748bc23048f48b274d2 (diff)
Hash session tokens with SHA-1 when storing in DB
This ensures that, if an attacker ever gets read access to the database, he will not be able to compromise any accounts. SHA-1 suffices here, because the data being hashed is a random 20 byte string. The search space is so damn large that you can't sanely brute force it, nor are rainbow tables any use at that scale. They're not salted. The password reset tokens are also hashed in the database and do include salt, but I've no idea why we did that.
Diffstat (limited to 'util')
1 files changed, 6 insertions, 0 deletions
diff --git a/util/updates/update_2.24.sql b/util/updates/update_2.24.sql
new file mode 100644
index 00000000..04d946f1
--- /dev/null
+++ b/util/updates/update_2.24.sql
@@ -0,0 +1,6 @@
+-- Session tokens are stored in the database as a SHA-1 on the actual token
+-- now. Note that this query should be executed only once, otherwise any
+-- existing sessions will be invalidated.
+-- CREATE EXTENSION pgcrypto;
+UPDATE sessions SET token = digest(token, 'sha1');
+-- DROP EXTENSION pgcrypto;
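Review bot: the "execute only once" requirement on the UPDATE is enforced only by a comment, and a second run is not recoverable: every row is rewritten unconditionally, and because the raw token (a random 20 byte string per the commit message) and its SHA-1 digest are the same length, there is nothing in the data that lets an operator tell hashed rows from unhashed ones afterwards, so a double run silently invalidates all sessions. Consider gating the migration on a schema-version check, or wrapping it in a transaction together with whatever marks 2.24 as applied, so it cannot be replayed. Also, the `CREATE EXTENSION pgcrypto;` line is commented out, so `digest()` will fail with an undefined-function error on any database where pgcrypto is not already installed; if the intent is for the operator to uncomment it, say so in the comment, otherwise leave it active and use `CREATE EXTENSION IF NOT EXISTS pgcrypto;`.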