Initial commit
This commit is contained in:
35
sql/migrate_encrypt_totp_secrets.php
Normal file
35
sql/migrate_encrypt_totp_secrets.php
Normal file
@@ -0,0 +1,35 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Jednorázová migrace: zašifruje existující TOTP secrets v DB.
|
||||
*
|
||||
* Spuštění: php sql/migrate_encrypt_totp_secrets.php
|
||||
* Vyžaduje TOTP_ENCRYPTION_KEY v .env
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
require_once __DIR__ . '/../api/config.php';
|
||||
require_once __DIR__ . '/../api/includes/Encryption.php';
|
||||
|
||||
$pdo = db();
|
||||
|
||||
$stmt = $pdo->query('SELECT id, totp_secret FROM users WHERE totp_secret IS NOT NULL');
|
||||
$users = $stmt->fetchAll();
|
||||
|
||||
$migrated = 0;
|
||||
$skipped = 0;
|
||||
|
||||
foreach ($users as $user) {
|
||||
if (Encryption::isEncrypted($user['totp_secret'])) {
|
||||
$skipped++;
|
||||
continue;
|
||||
}
|
||||
|
||||
$encrypted = Encryption::encrypt($user['totp_secret']);
|
||||
$update = $pdo->prepare('UPDATE users SET totp_secret = ? WHERE id = ?');
|
||||
$update->execute([$encrypted, $user['id']]);
|
||||
$migrated++;
|
||||
}
|
||||
|
||||
echo "Migrace dokoncena: {$migrated} zasifrovano, {$skipped} preskoceno (jiz sifrovane).\n";
|
||||
Reference in New Issue
Block a user