Harden JWT auth configuration and disable public token minting#17

Open
Dreamstore2046 wants to merge 1 commit into IntersectMBO:main from Dreamstore2046:codex/drep-auth-hardening

Conversation

@Dreamstore2046


Summary

  • remove the hardcoded JWT signing secret from source and require JWT_SECRET from configuration
  • add optional JWT_NOT_BEFORE enforcement so deployments can reject tokens issued before a rotation timestamp
  • disable the unauthenticated /auth/login token-minting endpoint until wallet signature verification is implemented
  • restrict internal DRep token issuance to the registration signature/key claims instead of arbitrary caller-controlled claims
  • add focused auth regression tests for missing secrets, unsupported claims, token rotation cutoffs, and disabled public login

Closes #13

Security note

This is a P0 mitigation for the published-secret and sign-anything behavior. Operators still need to rotate any production JWT secret and database credentials that may have used previously committed values. A full CIP-30/CIP-8 challenge-response login flow can be added after this stops unauthenticated arbitrary JWT minting.

Validation

  • corepack yarn test --runInBand
  • corepack yarn build
  • git diff --check
  • rg "f6193c376fa7037461ef0b1b061c40c556646aef5d72805b4808bc61db73031cea8599910299e9124a32be0cf9b93aed9398c8b0166653bfc8713aa11a64f845|jwtConstants" backend/src -n returned no matches
