feat(security): encrypt login password #1583

Merged
merged 2 commits into from
Aug 31, 2023
baurine (Collaborator) commented Aug 29, 2023

What Did

Encrypt the SQL Auth password on the frontend side with the RSA public key, and decrypt it on the backend side.


@ti-chi-bot ti-chi-bot bot requested a review from Renkai August 29, 2023 09:39
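
The flow the PR description outlines, sketched end to end as an added example; this is not code from the pull request or from tidb-dashboard. The function names, RSA-OAEP with SHA-256, the 2048-bit key and base64 transport are assumptions, and the frontend step is written in Go here only so that both sides run in one file.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
)

var errBadCiphertext = errors.New("invalid encrypted password") // one generic error for all failures

// NewLoginKey (hypothetical) makes the backend key pair; the login page fetches the public half.
func NewLoginKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// EncryptPassword stands in for the frontend. RSA-OAEP with SHA-256 and
// base64 transport are assumptions; the PR text does not name either.
func EncryptPassword(pub *rsa.PublicKey, password string) (string, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(password), nil)
	if err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(ct), nil
}

// DecryptPassword is the backend side: decode, decrypt, reject anything malformed.
func DecryptPassword(priv *rsa.PrivateKey, b64 string) (string, error) {
	ct, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return "", errBadCiphertext
	}
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
	if err != nil {
		return "", errBadCiphertext
	}
	return string(pt), nil
}

func main() {
	priv, err := NewLoginKey()
	if err != nil {
		panic(err)
	}
	ct, _ := EncryptPassword(&priv.PublicKey, "constructed-sample-password")
	fmt.Println(DecryptPassword(priv, ct))
}
```

OAEP is randomized, so the same password produces a different ciphertext on every login, but a captured ciphertext can still be replayed to the backend; the scheme complements TLS rather than replacing it.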
netlify bot commented Aug 29, 2023

Deploy Preview for tidb-dashboard ready!

🔨 Latest commit: 9ebe316
🔍 Latest deploy log: https://app.netlify.com/sites/tidb-dashboard/deploys/64efd53da27eed0008c40aa1
😎 Deploy Preview: https://deploy-preview-1583--tidb-dashboard.netlify.app

@ti-chi-bot ti-chi-bot bot added the size/XXL label Aug 29, 2023
codecov bot commented Aug 29, 2023

Codecov Report

Merging #1583 (9ebe316) into master (db0052c) will increase coverage by 1.77%.
The diff coverage is 0.00%.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #1583      +/-   ##
==========================================
+ Coverage   24.65%   26.42%   +1.77%     
==========================================
  Files         168       97      -71     
  Lines       15142    10443    -4699     
==========================================
- Hits         3733     2760     -973     
+ Misses      11135     7498    -3637     
+ Partials      274      185      -89     
Flag Coverage Δ
backend_integration ?
backend_ut 26.42% <0.00%> (-0.15%) ⬇️

Δ = absolute <relative> (impact), ø = not affected, ? = missing data

@baurine baurine marked this pull request as draft August 29, 2023 09:47
@baurine baurine requested review from mornyx and shhdgit August 30, 2023 08:53
@baurine baurine marked this pull request as ready for review August 30, 2023 23:52
@baurine baurine changed the title feat(security): pass encrypted password feat(security): encrypt login password Aug 31, 2023
mornyx (Collaborator) commented Aug 31, 2023

Backend LGTM. BTW, should we provide a configuration item for this feature (maybe disabled by default), rather than as the only choice?

ti-chi-bot bot (Contributor) commented Aug 31, 2023

@mornyx: adding LGTM is restricted to approvers and reviewers in OWNERS files.


shhdgit (Member) left a comment

LGTM.

@ti-chi-bot ti-chi-bot bot added the lgtm label Aug 31, 2023
ti-chi-bot bot (Contributor) commented Aug 31, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mornyx, shhdgit


ti-chi-bot bot (Contributor) commented Aug 31, 2023

[LGTM Timeline notifier]

Timeline:

  • 2023-08-31 09:09:15.28920443 +0000 UTC m=+2004519.838220417: ☑️ agreed by shhdgit.

@ti-chi-bot ti-chi-bot bot added the approved label Aug 31, 2023
@ti-chi-bot ti-chi-bot bot merged commit d010da5 into master Aug 31, 2023
@ti-chi-bot ti-chi-bot bot deleted the feat/encrypt-pwd branch August 31, 2023 09:09
baurine (Collaborator, Author) commented Sep 1, 2023

> Backend LGTM. BTW, should we provide a configuration item for this feature (maybe disabled by default), rather than as the only choice?

After we can encrypt the login password, I don't think the user wants to see the plain password again.

baurine added a commit that referenced this pull request Sep 11, 2023
baurine added a commit that referenced this pull request Sep 11, 2023
* feat(execution-plan): refine execution plan (#1561)

* chore(binary-plan): truncate long operator info for execution plan (#1565)

* feat: fix and refine execution plan (#1568)

* chore(binary-plan): show eye icon to hide column when hover (#1574)

* bump: i18next (#1575)

* Remove PNPM_INSTALL_TAGS=--offline (#1578)

* chore: upgrade node from 16 to 18, pnpm from 7 to 8 (#1580)

* feat(conprof): show conprof download link for TiCDC (#1581)

* keyvisual: use scanRegions instead of fetch all regions (#1579)

* feat(resource-control): show resource control entry for clinic (#1582)

* feat(debug-api): support pagination for ddl history (#1584)

* feat(security): encrypt login password (#1583)

* chore: update swaggo (#1585)

* test(login): fix login integration test (#1587)

* update release version to 2023.09.11.1

---------

Co-authored-by: Suhaha <[email protected]>
Co-authored-by: Yifan Xu <[email protected]>
Co-authored-by: ShuNing <[email protected]>
Co-authored-by: Yexiang Zhang <[email protected]>
baurine added a commit that referenced this pull request Nov 2, 2023
baurine added a commit that referenced this pull request Nov 2, 2023
* Revert "test(login): fix login integration test (#1587)"

This reverts commit f1e012a.

* Revert "feat(security): encrypt login password (#1583)"

This reverts commit d010da5.

* update release version to 2023.11.02.1