-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathBetterPasswordSchemaMigration.php
More file actions
99 lines (88 loc) · 3.98 KB
/
BetterPasswordSchemaMigration.php
File metadata and controls
99 lines (88 loc) · 3.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
<?php
/**
* @file classes/migration/BetterPasswordSchemaMigration.inc.php
*
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class BetterPasswordSchemaMigration
*
* @brief Describe database table structures.
*/
namespace APP\plugins\generic\betterPassword;
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Query\JoinClause;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Schema;
class BetterPasswordSchemaMigration extends Migration
{
/**
* Run the migrations.
*/
public function up()
{
if (Schema::hasTable('badpw_failedlogins')) {
if (Schema::hasColumn('badpw_failedlogins', 'username')) {
$usernameCol = Schema::getColumnType('badpw_failedlogins','username',true);
//No way to retrieve column length by itself, so pull out the numerical value from getColumnType() output like varchar(255)
preg_match('/[0-9]+/', $usernameCol, $usernameColLen);
//preg_match automatically sets $usernameColLen above
if ($usernameColLen[0] < 255){
//We want to ensure username column can accept up to 255 characters
Schema::table('badpw_failedlogins', function (Blueprint $table) {
$table->string('username', 255)->change();
});
}
}
}
else {
//If the table doesn't exist, create it
Schema::create('badpw_failedlogins', function (Blueprint $table) {
$table->string('username', 255);
$table->bigInteger('count');
$table->datetime('failed_login_time');
});
}
//Create a table to store passwords we don't want users to be able to set for their accounts
if (!Schema::hasTable('bpw_blocklist_items')) {
Schema::create('bpw_blocklist_items', function (Blueprint $table) {
$table->string('blocklist_item', 255)->unique();
});
}
if (!Schema::hasTable('stored_passwords')) {
Schema::create('stored_passwords', function (Blueprint $table) {
$table->bigIncrements('id');
$table->integer('user_id');
$table->text('password')->nullable();
$table->datetime('last_change_time');
});
}
Schema::table('stored_passwords', function (Blueprint $table) {
$table->text('password')->nullable()->change();
});
$userSettings = DB::table('user_settings')
->where('setting_name', 'betterPasswordPlugin::lastPasswords');
$userSettingsJoined = DB::table('user_settings as u')->where('u.setting_name', 'betterPasswordPlugin::lastPasswordUpdate')->joinSub($userSettings, 'user_settings', function (JoinClause $join) {
$join->on('u.user_id', '=', 'user_settings.user_id');
})->select('u.user_id', 'user_settings.setting_value as password', 'u.setting_value as last_change_time');
$userSettingsJoined->orderBy('user_id')->lazy()->each(function ($item, $key) {
$passwords = json_decode($item->password);
$item->password = implode(',', $passwords);
DB::table('stored_passwords')->insertOrIgnore([
'user_id' => $item->user_id,
'password' => $item->password,
'last_change_time' => $item->last_change_time
]);
});
DB::table('user_settings')->where('setting_name', 'betterPasswordPlugin::lastPasswords')->delete();
DB::table('user_settings')->where('setting_name', 'betterPasswordPlugin::lastPasswordUpdate')->delete();
}
public function down(): void
{
Schema::drop('badpw_failedlogins');
Schema::drop('stored_passwords');
Schema::drop('bpw_blocklist_items');
}
}