forked from fedi/mastodon
Reset secret of web app that could have been exposed by Doorkeeper (#13688)
There are no obvious ways it could be misused, as the secret is not really used for anything, but it is best to secure it for the future Follow-up to #13613
This commit is contained in:
parent
8012fce727
commit
4b2d9b8a55
15
db/migrate/20200510110808_reset_web_app_secret.rb
Normal file
15
db/migrate/20200510110808_reset_web_app_secret.rb
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
class ResetWebAppSecret < ActiveRecord::Migration[5.2]
|
||||||
|
disable_ddl_transaction!
|
||||||
|
|
||||||
|
def up
|
||||||
|
web_app = Doorkeeper::Application.find_by(superapp: true)
|
||||||
|
|
||||||
|
return if web_app.nil?
|
||||||
|
|
||||||
|
web_app.renew_secret
|
||||||
|
web_app.save!
|
||||||
|
end
|
||||||
|
|
||||||
|
def down
|
||||||
|
end
|
||||||
|
end
|
|
@ -10,7 +10,7 @@
|
||||||
#
|
#
|
||||||
# It's strongly recommended that you check this file into your version control system.
|
# It's strongly recommended that you check this file into your version control system.
|
||||||
|
|
||||||
ActiveRecord::Schema.define(version: 2020_05_08_212852) do
|
ActiveRecord::Schema.define(version: 2020_05_10_110808) do
|
||||||
|
|
||||||
# These are extensions that must be enabled in order to support this database
|
# These are extensions that must be enabled in order to support this database
|
||||||
enable_extension "plpgsql"
|
enable_extension "plpgsql"
|
||||||
|
|
Loading…
Reference in a new issue