globalstatedb package is a disaster and should be rewritten
Created by: slimsag
Original title: Cleanup global_state DB code to remove duplicate entries and prevent site_id from changing
Reported by https://app.hubspot.com/contacts/2762526/company/407 948923
When creating a new user account, the management console password is reset to a newly-generated secure password incorrectly. This causes the /site-admin page to show the new password prompt again:
- This is very confusing behavior as a user because it seems worrying, it is also quite annoying seeing the password prompt come back.
-
This cannot be used to breach security, as the newly generated password is indeed a secure one. The worst case scenario outcome from this is:
- The site admin needs access to their management console but doesn't know the password as it has been reset and can't retrieve it via the
/site-adminpage (e.g. if site is down). The admin would have to reset the password manually to gain access in this case.
- The site admin needs access to their management console but doesn't know the password as it has been reset and can't retrieve it via the
Technical explanation
The global_state table which tracks whether or not the site is initialized and stores the bcrypt'd version of the management console password can have multiple rows.
This occurs when tryInsertNew runs more than once -- or any time that globalstatedb.EnsureInitialized is called, effectively.
Related: https://github.com/sourcegraph/sourcegraph/issues/2322
Resolution timeline
I've scheduled this tentatively for 3.3, but it is possible it will be pushed back to a follow up patch release or 3.4 given other more important work on my plate and given this issue is just an annoyance.
Another option is to prioritize this issue for 3.3 by scheduling another team member to work on this. Happy to do so if anyone wants to request we definitely get the fix in 3.3.