diff options
author | Matt Jankowski <matt@jankowski.online> | 2024-05-02 05:31:41 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-05-02 09:31:41 +0000 |
commit | 1e7d5d2957678788fdea8ade77eced98848ff4ff (patch) | |
tree | da3c27e66d0fa9df04780cad7775562b326e1893 /db/post_migrate/20240307180905_migrate_devise_two_factor_secrets.rb | |
parent | 309f352e6a2fe68729ef5b723c986bc536fe0773 (diff) |
Update `devise-two-factor` to version 5.0.0 (#28325)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Diffstat (limited to 'db/post_migrate/20240307180905_migrate_devise_two_factor_secrets.rb')
-rw-r--r-- | db/post_migrate/20240307180905_migrate_devise_two_factor_secrets.rb | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/db/post_migrate/20240307180905_migrate_devise_two_factor_secrets.rb b/db/post_migrate/20240307180905_migrate_devise_two_factor_secrets.rb new file mode 100644 index 00000000000..360e4806da2 --- /dev/null +++ b/db/post_migrate/20240307180905_migrate_devise_two_factor_secrets.rb @@ -0,0 +1,39 @@ +# frozen_string_literal: true + +class MigrateDeviseTwoFactorSecrets < ActiveRecord::Migration[7.1] + disable_ddl_transaction! + + class MigrationUser < ApplicationRecord + self.table_name = :users + + devise :two_factor_authenticatable, + otp_secret_encryption_key: Rails.configuration.x.otp_secret + + include LegacyOtpSecret # Must be after the above `devise` line in order to override the legacy method + end + + def up + MigrationUser.reset_column_information + + users_with_otp_enabled.find_each do |user| + # Gets the new value on already-updated users + # Falls back to legacy value on not-yet-migrated users + otp_secret = user.otp_secret + + Rails.logger.debug { "Processing #{user.email}" } + + # This is a no-op for migrated users and updates format for not migrated + user.update!(otp_secret: otp_secret) + end + end + + def down + raise ActiveRecord::IrreversibleMigration + end + + private + + def users_with_otp_enabled + MigrationUser.where(otp_required_for_login: true, otp_secret: nil) + end +end |