Apps/ImageApi
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

Implement critical security improvements for authentication

Browse Source 
This commit addresses several security vulnerabilities in the authentication
and authorization system:

1. JWT Encoding Panic Fix (Critical)
   - Replace .unwrap() with proper error handling in JWT token generation
   - Prevents server crashes from encoding failures
   - Returns HTTP 500 with error logging instead of panicking

2. Rate Limiting for Login Endpoint (Critical)
   - Add actix-governor dependency (v0.5)
   - Configure rate limiter: 2 requests/sec with burst of 5
   - Protects against brute-force authentication attacks

3. Strengthen Password Requirements
   - Minimum length increased from 6 to 12 characters
   - Require uppercase, lowercase, numeric, and special characters
   - Add comprehensive validation with clear error messages

4. Fix Token Parsing Vulnerability
   - Replace unsafe split().last().unwrap_or() pattern
   - Use strip_prefix() for proper Bearer token validation
   - Return InvalidToken error for malformed Authorization headers

5. Improve Authentication Logging
   - Sanitize error messages to avoid leaking user existence
   - Change from "User not found or incorrect password" to "Failed login attempt"

All changes tested and verified with existing test suite (65/65 tests passing).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
Cameron
2025-12-26 23:53:54 -05:00
parent a2f2d4de5c
commit 2c52cffd65
5 changed files with 184 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
src/auth.rs
View File

@@ -13,22 +13,47 @@ use crate::{
database::UserDao,
};
/// Validate password meets security requirements
fn validate_password(password: &str) -> Result<(), String> {
if password.len() < 12 {
return Err("Password must be at least 12 characters".into());
}
if !password.chars().any(|c| c.is_uppercase()) {
return Err("Password must contain at least one uppercase letter".into());
}
if !password.chars().any(|c| c.is_lowercase()) {
return Err("Password must contain at least one lowercase letter".into());
}
if !password.chars().any(|c| c.is_numeric()) {
return Err("Password must contain at least one number".into());
}
if !password.chars().any(|c| !c.is_alphanumeric()) {
return Err("Password must contain at least one special character".into());
}
Ok(())
}
#[allow(dead_code)]
async fn register<D: UserDao>(
user: Json<CreateAccountRequest>,
user_dao: web::Data<Mutex<D>>,
) -> impl Responder {
if !user.username.is_empty() && user.password.len() > 5 && user.password == user.confirmation {
// Validate password strength
if let Err(msg) = validate_password(&user.password) {
return HttpResponse::BadRequest().body(msg);
}
if !user.username.is_empty() && user.password == user.confirmation {
let mut dao = user_dao.lock().expect("Unable to get UserDao");
if dao.user_exists(&user.username) {
HttpResponse::BadRequest()
HttpResponse::BadRequest().finish()
} else if let Some(_user) = dao.create_user(&user.username, &user.password) {
HttpResponse::Ok()
HttpResponse::Ok().finish()
} else {
HttpResponse::InternalServerError()
HttpResponse::InternalServerError().finish()
}
} else {
HttpResponse::BadRequest()
HttpResponse::BadRequest().finish()
}
}
@@ -45,19 +70,21 @@ pub async fn login<D: UserDao>(
sub: user.id.to_string(),
exp: (Utc::now() + Duration::days(5)).timestamp(),
};
let token = encode(
let token = match encode(
&Header::default(),
&claims,
&EncodingKey::from_secret(secret_key().as_bytes()),
)
.unwrap();
) {
Ok(t) => t,
Err(e) => {
error!("Failed to encode JWT: {}", e);
return HttpResponse::InternalServerError().finish();
}
};
HttpResponse::Ok().json(Token { token: &token })
} else {
error!(
"User not found during login or incorrect password: '{}'",
creds.username
);
error!("Failed login attempt for user: '{}'", creds.username);
HttpResponse::NotFound().finish()
}
}