Add utils package with Web Crypto password hashing

- Create @reviq/utils package with PBKDF2-SHA256 password hashing
  compatible with Cloudflare Workers (uses crypto.subtle)
- Update api-server and CLI to use new utils package for consistent
  password hashing format across the codebase
- Add pino logging to api-server for better request debugging
- Make login request tokens cryptographically secure base58 strings
  instead of database IDs
- Add migration to make login_requests.token non-nullable with unique
  constraint
- Fix RPCLink URL construction for client-side API calls
- Add db:codegen script to root package.json

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

This commit is contained in:

RevIQ

2026-01-09 18:12:33 +08:00

parent cee700f063

commit c1afc39062

25 changed files with 512 additions and 142 deletions

									
										1

packages/utils/src/index.ts
									
										Normal file
									
												View File
												
				@@ -0,0 +1 @@

				export { hashPassword, verifyPassword } from "./hash-password.js";

				`@@ -0,0 +1 @@`
				`export { hashPassword, verifyPassword } from "./hash-password.js";`

Add utils package with Web Crypto password hashing

1 packages/utils/src/index.ts Normal file Unescape Escape View File

1

packages/utils/src/index.ts Normal file

View File