DeployTokens should be hashed instead of encrypted
We encrypted DeployTokens in gitlab-foss#63502 (closed). However, irreversible hashing is preferable to encryption: we present the secret once and store it only in hashed form, with no way to recover the original value. The user flow should be built so that the user can see the secret only once, which allows us to store it irreversibly.
This is already the case for DeployToken, because we only show the token right after creation, but we still store it in a reversible form. We should convert the value so that only the digest is stored. In the model we should use the add_authentication_token_field :token, digest: true strategy instead of add_authentication_token_field :token, encrypted: :optional.
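As an added illustration (not GitLab's code, and not the real add_authentication_token_field implementation), the following plain-Ruby stand-ins show the difference between the two strategies and how a one-way migration from one to the other looks. The class and method names, the AES-256-GCM blob layout and the in-memory hash standing in for an indexed token_digest column are all assumptions made for this example:

```ruby
require 'securerandom'
require 'openssl'
require 'digest'

# Hypothetical in-memory stand-ins for the two token strategies.
# Names and storage layout are assumptions of this example, not GitLab's model code.

TOKEN_BYTES = 20 # 160 bits of entropy per token

# Reversible storage: the token is encrypted with a server-side key, so anyone
# who holds the key (or reaches a decrypting code path) can recover every token.
class EncryptedTokenModel
  def initialize(key = OpenSSL::Random.random_bytes(32))
    @key = key
    @rows = {} # id => binary blob: iv (12 bytes) || auth tag (16 bytes) || ciphertext
  end

  # Generates a token, stores it encrypted and returns the plaintext.
  def create(id)
    plaintext = SecureRandom.hex(TOKEN_BYTES)
    cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
    cipher.key = @key
    iv = cipher.random_iv
    ciphertext = cipher.update(plaintext) + cipher.final
    @rows[id] = iv + cipher.auth_tag + ciphertext
    plaintext
  end

  # The weakness the issue describes: the original secret is still extractable.
  def reveal(id)
    blob = @rows.fetch(id)
    iv, tag, ciphertext = blob[0, 12], blob[12, 16], blob[28..-1]
    cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
    cipher.key = @key
    cipher.iv = iv
    cipher.auth_tag = tag
    cipher.update(ciphertext) + cipher.final
  end

  def ids
    @rows.keys
  end
end

# Irreversible storage: only SHA-256(token) is kept. An unsalted fast hash is
# adequate here because the token itself is random with 160 bits of entropy,
# so offline guessing is infeasible; that reasoning does NOT transfer to
# user-chosen passwords, which need a slow, salted KDF.
class DigestTokenModel
  def initialize
    @rows = {} # token_digest => id (stands in for an indexed token_digest column)
  end

  def self.digest(token)
    Digest::SHA256.hexdigest(token)
  end

  # Returns the plaintext exactly once; afterwards only the digest exists.
  def create(id)
    plaintext = SecureRandom.hex(TOKEN_BYTES)
    store_digest(id, plaintext)
    plaintext
  end

  def store_digest(id, plaintext)
    @rows[self.class.digest(plaintext)] = id
  end

  # Authentication recomputes the digest and looks it up. A timing leak on the
  # digest comparison is harmless: learning bytes of SHA-256(token) gives no
  # help in recovering the token itself.
  def authenticate(plaintext)
    @rows[self.class.digest(plaintext)]
  end

  def stored_values
    @rows.keys
  end
end

# One-way migration from the reversible to the irreversible form: decrypt each
# row once, keep only its digest, then the ciphertext can be dropped. Existing
# tokens keep working; they just can never be displayed again.
def migrate_to_digest(encrypted_model)
  digest_model = DigestTokenModel.new
  encrypted_model.ids.each do |id|
    digest_model.store_digest(id, encrypted_model.reveal(id))
  end
  digest_model
end

# Exercises both models on constructed sample data and reports the outcomes.
def demo
  enc = EncryptedTokenModel.new
  t1 = enc.create(1)
  t2 = enc.create(2)
  dig = migrate_to_digest(enc)
  {
    recoverable_from_encrypted: enc.reveal(1) == t1,
    stored_digest_is_not_token: !dig.stored_values.include?(t1),
    auth_ok: dig.authenticate(t1) == 1 && dig.authenticate(t2) == 2,
    auth_wrong: dig.authenticate('not-a-token').nil?
  }
end
```

Running demo shows the practical difference: EncryptedTokenModel#reveal hands back every token in clear to whoever holds the key, while DigestTokenModel can only answer "is this token valid?" and never "what is the token?". The migration path also shows why the show-once user flow is a precondition: once the digest replaces the ciphertext there is nothing left to display.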
We also want to make our tokens consistent and store only the hashed value for all of them.