security cleanup, fix turnstile

2026-05-28 16:48:06 -04:00
parent b7187721db
commit d48bbc0fc3
14 changed files with 318 additions and 189 deletions


@@ -1173,10 +1173,10 @@ export const authRouter = createTRPCRouter({
});
}
// Generate 6-digit code
const loginCode = Math.floor(
100000 + Math.random() * 900000
).toString();
// Generate cryptographically secure 6-digit code (p8-010)
const randomBytes = new Uint32Array(1);
crypto.getRandomValues(randomBytes);
const loginCode = (100000 + (randomBytes[0] % 900000)).toString();
const secret = new TextEncoder().encode(env.JWT_SECRET_KEY);
const token = await new SignJWT({