From 8b87856f05e91e362dafacabd673d89957d94a7a Mon Sep 17 00:00:00 2001 From: 24c02 <163450896+24c02@users.noreply.github.com> Date: Thu, 29 Jan 2026 15:20:17 -0500 Subject: [PATCH] apied keys --- Gemfile | 2 ++ Gemfile.lock | 9 +++++++++ db/migrate/20260129201832_create_api_keys.rb | 16 ++++++++++++++++ db/schema.rb | 17 ++++++++++++++++- 4 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 db/migrate/20260129201832_create_api_keys.rb diff --git a/Gemfile b/Gemfile index 4a390c4..ab6a56d 100644 --- a/Gemfile +++ b/Gemfile @@ -66,3 +66,5 @@ gem "pg_search" gem "kaminari" gem "high_voltage" gem "redcarpet" +gem "lockbox" +gem "blind_index" diff --git a/Gemfile.lock b/Gemfile.lock index 904b1ad..f708f23 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -74,12 +74,17 @@ GEM uri (>= 0.13.1) addressable (2.8.8) public_suffix (>= 2.0.2, < 8.0) + argon2-kdf (0.3.1) + fiddle ast (2.4.3) awesome_print (1.9.2) base64 (0.3.0) benchmark (0.5.0) bigdecimal (4.0.1) bindex (0.8.1) + blind_index (2.7.0) + activesupport (>= 7.1) + argon2-kdf (>= 0.2) bootsnap (1.21.1) msgpack (~> 1.2) brakeman (7.1.2) @@ -118,6 +123,7 @@ GEM logger faraday-net_http (3.4.2) net-http (~> 0.5) + fiddle (1.1.8) fugit (1.12.1) et-orbi (~> 1.4) raabro (~> 1.4) @@ -155,6 +161,7 @@ GEM kaminari-core (1.2.2) language_server-protocol (3.17.0.5) lint_roller (1.1.0) + lockbox (2.1.0) logger (1.7.0) loofah (2.25.0) crass (~> 1.0.2) @@ -444,6 +451,7 @@ PLATFORMS DEPENDENCIES awesome_print + blind_index bootsnap brakeman capybara @@ -454,6 +462,7 @@ DEPENDENCIES high_voltage jb kaminari + lockbox omniauth omniauth-hack_club pg (~> 1.3) diff --git a/db/migrate/20260129201832_create_api_keys.rb b/db/migrate/20260129201832_create_api_keys.rb new file mode 100644 index 0000000..92cdef4 --- /dev/null +++ b/db/migrate/20260129201832_create_api_keys.rb @@ -0,0 +1,16 @@ +class CreateAPIKeys < ActiveRecord::Migration[8.0] + def change + create_table :api_keys do |t| + t.references :user, null: false, foreign_key: true, type: :bigint + t.string :name, null: false + t.text :token_ciphertext, null: false # Lockbox encrypted token + t.string :token_bidx, null: false # Blind index for lookup + t.boolean :revoked, default: false, null: false + t.datetime :revoked_at + t.timestamps + + t.index :token_bidx, unique: true + t.index [:user_id, :revoked] + end + end +end diff --git a/db/schema.rb b/db/schema.rb index 5498b86..46c26f7 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[8.0].define(version: 2026_01_29_051531) do +ActiveRecord::Schema[8.0].define(version: 2026_01_29_201832) do # These are extensions that must be enabled in order to support this database enable_extension "pg_catalog.plpgsql" @@ -42,6 +42,20 @@ ActiveRecord::Schema[8.0].define(version: 2026_01_29_051531) do t.index ["blob_id", "variation_digest"], name: "index_active_storage_variant_records_uniqueness", unique: true end + create_table "api_keys", force: :cascade do |t| + t.bigint "user_id", null: false + t.string "name", null: false + t.text "token_ciphertext", null: false + t.string "token_bidx", null: false + t.boolean "revoked", default: false, null: false + t.datetime "revoked_at" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + t.index ["token_bidx"], name: "index_api_keys_on_token_bidx", unique: true + t.index ["user_id", "revoked"], name: "index_api_keys_on_user_id_and_revoked" + t.index ["user_id"], name: "index_api_keys_on_user_id" + end + create_table "uploads", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t| t.bigint "user_id", null: false t.bigint "blob_id", null: false @@ -71,6 +85,7 @@ ActiveRecord::Schema[8.0].define(version: 2026_01_29_051531) do add_foreign_key "active_storage_attachments", "active_storage_blobs", column: "blob_id" add_foreign_key "active_storage_variant_records", "active_storage_blobs", column: "blob_id" + add_foreign_key "api_keys", "users" add_foreign_key "uploads", "active_storage_blobs", column: "blob_id" add_foreign_key "uploads", "users" end