porchlight

History

Johan Lundberg 91a2277664 fix(security): store only a hash of magic-link tokens Magic-link tokens were persisted in plaintext, so a database read disclosed usable login/invite tokens. The service now hashes tokens (HMAC-SHA256 when a pepper is configured, else SHA-256 of the high-entropy token) and persists only the hash; the raw token is exposed solely in the registration URL and is re-attached to objects returned to callers. Refs: porchlight-42h Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-04 10:36:18 +02:00
..
__init__.py	feat: add MagicLinkService with token create/validate/cleanup	2026-02-13 15:02:53 +01:00
test_service.py	fix(security): store only a hash of magic-link tokens	2026-06-04 10:36:18 +02:00

fix(security): store only a hash of magic-link tokens

Magic-link tokens were persisted in plaintext, so a database read disclosed
usable login/invite tokens. The service now hashes tokens (HMAC-SHA256 when a
pepper is configured, else SHA-256 of the high-entropy token) and persists
only the hash; the raw token is exposed solely in the registration URL and is
re-attached to objects returned to callers.

Refs: porchlight-42h

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-04 10:36:18 +02:00

__init__.py

feat: add MagicLinkService with token create/validate/cleanup

2026-02-13 15:02:53 +01:00

test_service.py

fix(security): store only a hash of magic-link tokens

2026-06-04 10:36:18 +02:00