igm/publisher-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add utils package with Web Crypto password hashing

Browse Source 
- Create @reviq/utils package with PBKDF2-SHA256 password hashing
  compatible with Cloudflare Workers (uses crypto.subtle)
- Update api-server and CLI to use new utils package for consistent
  password hashing format across the codebase
- Add pino logging to api-server for better request debugging
- Make login request tokens cryptographically secure base58 strings
  instead of database IDs
- Add migration to make login_requests.token non-nullable with unique
  constraint
- Fix RPCLink URL construction for client-side API calls
- Add db:codegen script to root package.json

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
RevIQ
2026-01-09 18:12:33 +08:00
parent cee700f063
commit c1afc39062
25 changed files with 512 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
db/schema.sql
View File

@@ -1,4 +1,4 @@
\restrict Trg340CgUaHnQsqUDFepZ6WnV8O2lwkEMfhS9CGxBAJbWOA8qTnig08shTgrMcE
\restrict NwR9NcSOK9D25dGgvUNdLvsNphDACAXsvkQ5NSmhpf6sLcFR570yQ96lhgCbCXf
-- Dumped from database version 17.7
-- Dumped by pg_dump version 17.7
@@ -114,7 +114,7 @@ CREATE TABLE public.login_requests (
id bigint NOT NULL,
user_id integer NOT NULL,
email text NOT NULL,
token text,
token text NOT NULL,
device_fingerprint text,
ip_address text,
city text,
@@ -652,6 +652,14 @@ ALTER TABLE ONLY public.login_requests
ADD CONSTRAINT login_requests_token_key UNIQUE (token);
--
-- Name: login_requests login_requests_token_unique; Type: CONSTRAINT; Schema: public; Owner: -
--
ALTER TABLE ONLY public.login_requests
ADD CONSTRAINT login_requests_token_unique UNIQUE (token);
--
-- Name: org_invites org_invites_org_id_email_key; Type: CONSTRAINT; Schema: public; Owner: -
--
@@ -856,6 +864,13 @@ CREATE INDEX idx_email_verifications_expires ON public.email_verifications USING
CREATE INDEX idx_login_requests_expires ON public.login_requests USING btree (expires_at);
--
-- Name: idx_login_requests_token; Type: INDEX; Schema: public; Owner: -
--
CREATE INDEX idx_login_requests_token ON public.login_requests USING btree (token);
--
-- Name: idx_login_requests_user; Type: INDEX; Schema: public; Owner: -
--
@@ -1069,7 +1084,7 @@ ALTER TABLE ONLY public.user_devices
-- PostgreSQL database dump complete
--
\unrestrict Trg340CgUaHnQsqUDFepZ6WnV8O2lwkEMfhS9CGxBAJbWOA8qTnig08shTgrMcE
\unrestrict NwR9NcSOK9D25dGgvUNdLvsNphDACAXsvkQ5NSmhpf6sLcFR570yQ96lhgCbCXf
--
@@ -1077,4 +1092,5 @@ ALTER TABLE ONLY public.user_devices
--
INSERT INTO public.schema_migrations (version) VALUES
('001');
('001'),
('002');