Buriburizaemon/nodewarden
1
0
Fork 0
mirror of https://github.com/shuaiplus/nodewarden.git synced 2026-06-20 21:00:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: enhance password security with server-side hashing and constant-time comparisons

Browse Source
This commit is contained in:
shuaiplus
2026-03-01 20:22:48 +08:00
committed by Shuai
parent 66f995d981
commit 1a94f8dd44
7 changed files with 88 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitignore
+1 -2
View File
@@ -7,13 +7,12 @@ node_modules/
wrangler.my.toml wrangler.my.toml
RELEASE_NOTES.md RELEASE_NOTES.md
tests/selfcheck.ts tests/selfcheck.ts
problem.md
# Build output # Build output
dist/ dist/
build/ build/
# IDE # IDE
.vscode/ .vscode/
.idea/ .idea/
src/handlers/accounts.ts
+21 -7
View File
@@ -122,11 +122,14 @@ export async function handleRegister(request: Request, env: Env): Promise<Respon
} }
const now = new Date().toISOString(); const now = new Date().toISOString();
const auth = new AuthService(env);
const serverHash = await auth.hashPasswordServer(masterPasswordHash, email);
const user: User = { const user: User = {
id: generateUUID(), id: generateUUID(),
email, email,
name: name || email, name: name || email,
masterPasswordHash, masterPasswordHash: serverHash,
key, key,
privateKey, privateKey,
publicKey, publicKey,
@@ -244,6 +247,7 @@ export async function handleUpdateProfile(request: Request, env: Env, userId: st
// POST /api/accounts/keys // POST /api/accounts/keys
export async function handleSetKeys(request: Request, env: Env, userId: string): Promise<Response> { export async function handleSetKeys(request: Request, env: Env, userId: string): Promise<Response> {
const storage = new StorageService(env.DB); const storage = new StorageService(env.DB);
const auth = new AuthService(env);
const user = await storage.getUserById(userId); const user = await storage.getUserById(userId);
if (!user) { if (!user) {
@@ -251,6 +255,7 @@ export async function handleSetKeys(request: Request, env: Env, userId: string):
} }
let body: { let body: {
masterPasswordHash?: string;
key?: string; key?: string;
encryptedPrivateKey?: string; encryptedPrivateKey?: string;
publicKey?: string; publicKey?: string;
@@ -262,6 +267,15 @@ export async function handleSetKeys(request: Request, env: Env, userId: string):
return errorResponse('Invalid JSON', 400); return errorResponse('Invalid JSON', 400);
} }
// Require password verification before allowing key replacement.
if (!body.masterPasswordHash) {
return errorResponse('masterPasswordHash is required', 400);
}
const passwordValid = await auth.verifyPassword(body.masterPasswordHash, user.masterPasswordHash, user.email);
if (!passwordValid) {
return errorResponse('Invalid password', 400);
}
if (body.key) user.key = body.key; if (body.key) user.key = body.key;
if (body.encryptedPrivateKey) user.privateKey = body.encryptedPrivateKey; if (body.encryptedPrivateKey) user.privateKey = body.encryptedPrivateKey;
if (body.publicKey) user.publicKey = body.publicKey; if (body.publicKey) user.publicKey = body.publicKey;
@@ -308,7 +322,7 @@ export async function handleChangePassword(request: Request, env: Env, userId: s
const currentHash = body.currentPasswordHash || body.masterPasswordHash; const currentHash = body.currentPasswordHash || body.masterPasswordHash;
if (!currentHash) return errorResponse('Current password hash is required', 400); if (!currentHash) return errorResponse('Current password hash is required', 400);
const valid = await auth.verifyPassword(currentHash, user.masterPasswordHash); const valid = await auth.verifyPassword(currentHash, user.masterPasswordHash, user.email);
if (!valid) return errorResponse('Invalid password', 400); if (!valid) return errorResponse('Invalid password', 400);
if (!body.newMasterPasswordHash) { if (!body.newMasterPasswordHash) {
@@ -324,7 +338,7 @@ export async function handleChangePassword(request: Request, env: Env, userId: s
return errorResponse('new encryptedPrivateKey is not a valid encrypted string', 400); return errorResponse('new encryptedPrivateKey is not a valid encrypted string', 400);
} }
user.masterPasswordHash = body.newMasterPasswordHash; user.masterPasswordHash = await auth.hashPasswordServer(body.newMasterPasswordHash, user.email);
if (nextKey) user.key = nextKey; if (nextKey) user.key = nextKey;
if (nextPrivateKey) user.privateKey = nextPrivateKey; if (nextPrivateKey) user.privateKey = nextPrivateKey;
if (nextPublicKey) user.publicKey = nextPublicKey; if (nextPublicKey) user.publicKey = nextPublicKey;
@@ -395,7 +409,7 @@ export async function handleSetTotpStatus(request: Request, env: Env, userId: st
if (!body.masterPasswordHash) { if (!body.masterPasswordHash) {
return errorResponse('masterPasswordHash is required to disable TOTP', 400); return errorResponse('masterPasswordHash is required to disable TOTP', 400);
} }
const valid = await auth.verifyPassword(body.masterPasswordHash, user.masterPasswordHash); const valid = await auth.verifyPassword(body.masterPasswordHash, user.masterPasswordHash, user.email);
if (!valid) return errorResponse('Invalid password', 400); if (!valid) return errorResponse('Invalid password', 400);
user.totpSecret = null; user.totpSecret = null;
@@ -430,7 +444,7 @@ export async function handleGetTotpRecoveryCode(request: Request, env: Env, user
const currentHash = String(body.masterPasswordHash || body.master_password_hash || body.password || '').trim(); const currentHash = String(body.masterPasswordHash || body.master_password_hash || body.password || '').trim();
if (!currentHash) return errorResponse('masterPasswordHash is required', 400); if (!currentHash) return errorResponse('masterPasswordHash is required', 400);
const valid = await auth.verifyPassword(currentHash, user.masterPasswordHash); const valid = await auth.verifyPassword(currentHash, user.masterPasswordHash, user.email);
if (!valid) return errorResponse('Invalid password', 400); if (!valid) return errorResponse('Invalid password', 400);
if (!user.totpRecoveryCode) { if (!user.totpRecoveryCode) {
@@ -488,7 +502,7 @@ export async function handleRecoverTwoFactor(request: Request, env: Env): Promis
return errorResponse('Invalid credentials or recovery code', 400); return errorResponse('Invalid credentials or recovery code', 400);
} }
const validPassword = await auth.verifyPassword(masterPasswordHash, user.masterPasswordHash); const validPassword = await auth.verifyPassword(masterPasswordHash, user.masterPasswordHash, user.email);
if (!validPassword) { if (!validPassword) {
await rateLimit.recordFailedLogin(recoverLimitKey); await rateLimit.recordFailedLogin(recoverLimitKey);
return errorResponse('Invalid credentials or recovery code', 400); return errorResponse('Invalid credentials or recovery code', 400);
@@ -547,7 +561,7 @@ export async function handleVerifyPassword(request: Request, env: Env, userId: s
return errorResponse('masterPasswordHash is required', 400); return errorResponse('masterPasswordHash is required', 400);
} }
const valid = await auth.verifyPassword(body.masterPasswordHash, user.masterPasswordHash); const valid = await auth.verifyPassword(body.masterPasswordHash, user.masterPasswordHash, user.email);
if (!valid) { if (!valid) {
return errorResponse('Invalid password', 400); return errorResponse('Invalid password', 400);
} }
src/handlers/identity.ts
+2 -2
View File
@@ -114,7 +114,7 @@ export async function handleToken(request: Request, env: Env): Promise<Response>
const twoFactorToken = body.twoFactorToken; const twoFactorToken = body.twoFactorToken;
const twoFactorProvider = body.twoFactorProvider; const twoFactorProvider = body.twoFactorProvider;
const twoFactorRemember = body.twoFactorRemember; const twoFactorRemember = body.twoFactorRemember;
const loginIdentifier = clientIdentifier; const loginIdentifier = `${clientIdentifier}:${email}`;
const deviceInfo = readAuthRequestDeviceInfo(body, request); const deviceInfo = readAuthRequestDeviceInfo(body, request);
if (!email || !passwordHash) { if (!email || !passwordHash) {
@@ -142,7 +142,7 @@ export async function handleToken(request: Request, env: Env): Promise<Response>
return identityErrorResponse('Account is disabled', 'invalid_grant', 400); return identityErrorResponse('Account is disabled', 'invalid_grant', 400);
} }
const valid = await auth.verifyPassword(passwordHash, user.masterPasswordHash); const valid = await auth.verifyPassword(passwordHash, user.masterPasswordHash, user.email);
if (!valid) { if (!valid) {
return recordFailedLoginAndBuildResponse( return recordFailedLoginAndBuildResponse(
rateLimit, rateLimit,
src/services/auth.ts
+45 -7
View File
@@ -2,6 +2,11 @@ import { Env, JWTPayload, User } from '../types';
import { verifyJWT, createJWT, createRefreshToken } from '../utils/jwt'; import { verifyJWT, createJWT, createRefreshToken } from '../utils/jwt';
import { StorageService } from './storage'; import { StorageService } from './storage';
// Server-side iterations for second-layer hashing.
// The client already does heavy PBKDF2 (600k iterations).
// This second layer only needs to be non-trivial, not expensive.
const SERVER_HASH_ITERATIONS = 100_000;
export class AuthService { export class AuthService {
private storage: StorageService; private storage: StorageService;
@@ -9,15 +14,48 @@ export class AuthService {
this.storage = new StorageService(env.DB); this.storage = new StorageService(env.DB);
} }
// Verify password hash (compare with stored hash) // Second-layer hash: PBKDF2-SHA256(clientHash, email-salt, iterations).
async verifyPassword(inputHash: string, storedHash: string): Promise<boolean> { // Ensures database contents alone cannot be used to authenticate (pass-the-hash defense).
const input = new TextEncoder().encode(inputHash); // Result is prefixed with "$s$" to distinguish from legacy raw client hashes.
const stored = new TextEncoder().encode(storedHash); async hashPasswordServer(clientHash: string, email: string): Promise<string> {
if (input.length !== stored.length) return false; const keyMaterial = await crypto.subtle.importKey(
'raw',
new TextEncoder().encode(clientHash),
'PBKDF2',
false,
['deriveBits']
);
const salt = new TextEncoder().encode(email.toLowerCase().trim());
const bits = await crypto.subtle.deriveBits(
{ name: 'PBKDF2', hash: 'SHA-256', salt, iterations: SERVER_HASH_ITERATIONS },
keyMaterial,
256
);
const bytes = new Uint8Array(bits);
let binary = '';
for (const b of bytes) binary += String.fromCharCode(b);
return '$s$' + btoa(binary);
}
// Verify password: hash the input the same way, then constant-time compare.
async verifyPassword(inputHash: string, storedHash: string, email?: string): Promise<boolean> {
// New server-hashed passwords are prefixed with "$s$".
// Legacy accounts (created before the upgrade) store raw client hashes without prefix.
if (email && storedHash.startsWith('$s$')) {
const serverHash = await this.hashPasswordServer(inputHash, email);
return this.constantTimeEquals(serverHash, storedHash);
}
// Legacy path: direct constant-time comparison of raw client hashes.
return this.constantTimeEquals(inputHash, storedHash);
}
private constantTimeEquals(a: string, b: string): boolean {
const encA = new TextEncoder().encode(a);
const encB = new TextEncoder().encode(b);
if (encA.length !== encB.length) return false;
let diff = 0; let diff = 0;
for (let i = 0; i < input.length; i++) { for (let i = 0; i < encA.length; i++) {
diff |= input[i] ^ stored[i]; diff |= encA[i] ^ encB[i];
} }
return diff === 0; return diff === 0;
} }
src/utils/recovery-code.ts
+8 -1
View File
@@ -24,5 +24,12 @@ export function createRecoveryCode(): string {
export function recoveryCodeEquals(input: string, storedCode: string | null | undefined): boolean { export function recoveryCodeEquals(input: string, storedCode: string | null | undefined): boolean {
if (!storedCode) return false; if (!storedCode) return false;
return normalizeRecoveryCode(input) === normalizeRecoveryCode(storedCode); const a = new TextEncoder().encode(normalizeRecoveryCode(input));
const b = new TextEncoder().encode(normalizeRecoveryCode(storedCode));
if (a.length !== b.length) return false;
let diff = 0;
for (let i = 0; i < a.length; i++) {
diff |= a[i] ^ b[i];
}
return diff === 0;
} }
src/utils/totp.ts
+10 -2
View File
@@ -69,11 +69,19 @@ export async function verifyTotpToken(secretRaw: string, tokenRaw: string, nowMs
if (!secret) return false; if (!secret) return false;
const currentCounter = Math.floor(nowMs / 1000 / TOTP_STEP_SECONDS); const currentCounter = Math.floor(nowMs / 1000 / TOTP_STEP_SECONDS);
let matched = false;
for (let delta = -TOTP_WINDOW; delta <= TOTP_WINDOW; delta++) { for (let delta = -TOTP_WINDOW; delta <= TOTP_WINDOW; delta++) {
const expected = await hotp(secret, currentCounter + delta); const expected = await hotp(secret, currentCounter + delta);
if (expected === token) return true; // Constant-time comparison: always check all windows, never short-circuit.
const a = new TextEncoder().encode(expected);
const b = new TextEncoder().encode(token);
let diff = a.length ^ b.length;
for (let i = 0; i < a.length && i < b.length; i++) {
diff |= a[i] ^ b[i];
}
if (diff === 0) matched = true;
} }
return false; return matched;
} }
export function isTotpEnabled(secretRaw: string | undefined | null): boolean { export function isTotpEnabled(secretRaw: string | undefined | null): boolean {
webapp/vite.config.ts
+1 -1
View File
@@ -15,7 +15,7 @@ export default defineConfig({
}, },
build: { build: {
outDir: path.resolve(rootDir, '../dist'), outDir: path.resolve(rootDir, '../dist'),
emptyOutDir: false, emptyOutDir: true,
sourcemap: true, sourcemap: true,
}, },
server: { server: {