Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update token gen #4832

Merged
merged 4 commits into from
Jun 23, 2021
Merged

Update token gen #4832

merged 4 commits into from
Jun 23, 2021

Conversation

yakkomajuri
Copy link
Contributor

Changes

On a call right now so might still need to look into tradeoffs. A hex token should not contain invalid chars for cookies though, at the expense of being longer.

Checklist

  • All querysets/queries filter by Organization, by Team, and by User
  • Django backend tests
  • Jest frontend tests
  • Cypress end-to-end tests
  • Migrations are safe to run at scale (e.g. PostHog Cloud) – present proof if not obvious
  • Frontend/CSS is usable at 320px (iPhone SE) and decent at 360px (most phones)
  • Breaking changes are backwards-compatible. Ensure old/new frontend requests work with new/old backends, and vice versa.

@yakkomajuri yakkomajuri requested a review from timgl June 21, 2021 15:40
@yakkomajuri
Copy link
Contributor Author

hmm seems the hex token is a bit too long for the column as is

Also, here's the relevant line: https://github.com/PostHog/posthog-js/blob/cbb31c2e64d7f8f47921b801ec1a5b62b1052ff4/src/posthog-persistence.js#L51

And issue: PostHog/posthog-js#249

@timgl timgl temporarily deployed to posthog-pr-4832 June 21, 2021 15:45 Inactive
@Twixes
Copy link
Member

Twixes commented Jun 21, 2021

It could be a bit shorter if instead of secrests.token_foo we used secrets.randbits(32*8) to get an integer, and then saved that integer in base 36, maybe?

@yakkomajuri yakkomajuri temporarily deployed to posthog-pr-4832 June 21, 2021 17:38 Inactive
@yakkomajuri
Copy link
Contributor Author

A few approaches here:

Could diverge Personal API Key (needs to be more secure) and Project API key so that personal keys can be base 64. I'm against this though because we might want to put personal api keys on a cookie some day (if even test keys for Docs autofill, like Stripe).

Another approach is to keep as is and update personal api keys to 64 char column.

And yet another (just saw @Twixes' comment as I started to write) is indeed base36. That's probably a good idea.

@yakkomajuri
Copy link
Contributor Author

Base 36 indeed would allow us to keep the 50 char limit as well

@yakkomajuri
Copy link
Contributor Author

yakkomajuri commented Jun 21, 2021
edited
Loading

I guess we could have posthog-js convert the b64 token to b36 to address this issue for projects create before this change

@yakkomajuri yakkomajuri requested a review from Twixes June 21, 2021 17:59
@timgl timgl temporarily deployed to posthog-pr-4832 June 21, 2021 18:00 Inactive
@yakkomajuri yakkomajuri removed the request for review from timgl June 21, 2021 18:01
@yakkomajuri yakkomajuri mentioned this pull request Jun 21, 2021
Merged
2 tasks
@Twixes Twixes temporarily deployed to posthog-pr-4832 June 22, 2021 10:34 Inactive
Twixes
Twixes approved these changes Jun 22, 2021
View reviewed changes
Copy link
Member

@Twixes Twixes left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

V nice. I modified the number_to_b36 function a bit to actually convert to base62 – even shorter keys. And added token prefixes: phc_ for project tokens used by client libraries, 'phx_` for personal API keys offering full account access – inspired by GitHub's latest changes (though definitely not as rigorous, checksum and all, as they did). All completely under the 50 characters limit still.

Project
Project

Personal
Personal

@Twixes Twixes temporarily deployed to posthog-pr-4832 June 22, 2021 10:46 Inactive
@yakkomajuri
Copy link
Contributor Author

Nice! Base62 works and is shorter. Neat solution.

@yakkomajuri
Copy link
Contributor Author

Also, thanks for adding the prefix. I spent a bit of time last night wondering about some changes to be made to API authentication, and having this prefix helps as we introduce new keys with different prefixes (I'm about to spec this out in an issue).

@yakkomajuri yakkomajuri self-assigned this Jun 22, 2021
@yakkomajuri yakkomajuri mentioned this pull request Jun 22, 2021
Closed
@yakkomajuri yakkomajuri temporarily deployed to posthog-pr-4832 June 23, 2021 16:05 Inactive
@yakkomajuri
Copy link
Contributor Author

unrelated cypress component test - merging

@yakkomajuri yakkomajuri merged commit 6c9bb2d into master Jun 23, 2021
@yakkomajuri yakkomajuri deleted the fix-token-gen branch June 23, 2021 16:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Twixes Twixes Twixes approved these changes

Assignees

@yakkomajuri yakkomajuri

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@yakkomajuri @Twixes @timgl