anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: handle bcrypt 72-byte limit and increase JWT secret length

Browse Source
This commit is contained in:
anti
2026-04-09 01:11:32 -04:00
parent 0123e1c69e
commit 8c7ec2953e
25 changed files with 32 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.env.example
View File

@@ -1,7 +1,7 @@
# API Options # API Options
DECNET_API_HOST=0.0.0.0 DECNET_API_HOST=0.0.0.0
DECNET_API_PORT=8000 DECNET_API_PORT=8000
DECNET_JWT_SECRET=supersecretkey12345 DECNET_JWT_SECRET=supersecretkey12345678901234567
DECNET_INGEST_LOG_FILE=/var/log/decnet/decnet.log DECNET_INGEST_LOG_FILE=/var/log/decnet/decnet.log
# Web Dashboard Options # Web Dashboard Options

4
.hypothesis/constants/9cb8bff6ac3080a0 Normal file
View File

@@ -0,0 +1,4 @@
# file: /home/anti/Tools/DECNET/decnet/web/api.py
# hypothesis_version: 6.151.11
[400, 404, 500, 512, 1000, 1024, '*', '/api/v1/auth/login', '/api/v1/deckies', '/api/v1/logs', '/api/v1/stats', '/api/v1/stream', '1.0.0', 'Authorization', 'Bearer', 'Bearer ', 'Decky not found', 'No active deployment', 'WWW-Authenticate', 'access_token', 'admin', 'bearer', 'data', 'decnet.web.api', 'histogram', 'id', 'lastEventId', 'limit', 'logs', 'message', 'must_change_password', 'offset', 'password_hash', 'role', 'stats', 'text/event-stream', 'token', 'token_type', 'total', 'type', 'unihost', 'username', 'uuid']

4
.hypothesis/constants/f9f2aace37ce402b Normal file
View File

@@ -0,0 +1,4 @@
# file: /home/anti/Tools/DECNET/decnet/web/auth.py
# hypothesis_version: 6.151.11
[1440, 'HS256', 'exp', 'iat', 'utf-8']

1
.hypothesis/examples/04e6b3400353b141/ecc7e8764d8d8b88 Normal file
View File

@@ -0,0 +1 @@
¨&@a!Þ”'<âÚÂN1ïÓ/Ï!ÁI…ÿø6-lÔãú+ÁÌI>…•_l.secondary

1
.hypothesis/examples/ecc7e8764d8d8b88/0ab7b4e709810141 Normal file
View File

@@ -0,0 +1 @@
櫟00000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/10d36a4958b401ae Normal file
View File

@@ -0,0 +1 @@
źZ000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/1da275fe3225e321 Normal file
View File

@@ -0,0 +1 @@
欟0000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/2a255fe9b75657fe Normal file
View File

@@ -0,0 +1 @@
櫚0000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/2d8090c00261b57e Normal file
View File

@@ -0,0 +1 @@
źV00000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/35b25efe3721d07c Normal file
View File

@@ -0,0 +1 @@
ŸT000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/4b1fa71886354f75 Normal file
View File

@@ -0,0 +1 @@
źW000000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/517b7281f484c8ea Normal file
View File

@@ -0,0 +1 @@
<EFBFBD><EFBFBD>Ω≈ç√∫˜µ≤≥÷åß∂ƒ©˙∆˚¬…æœ∑´®†¥¨ˆøπ“‘¡™£¢∞§¶•ªº–≠¸˛Ç◊ı˜Â¯˘¿ÅÍÎÏ˝ÓÔÒÚÆ☃Œ„´‰ˇÁ¨ˆØ∏”’`fifl‡°·—±<E28094>

1
.hypothesis/examples/ecc7e8764d8d8b88/566a0db223fc444e Normal file
View File

@@ -0,0 +1 @@
櫪00000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/603b279e7467600c Normal file
View File

@@ -0,0 +1 @@
盜0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/6376092996a87a12 Normal file
View File

@@ -0,0 +1 @@
蘖00000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/7004a20627600ff5 Normal file
View File

@@ -0,0 +1 @@
歇0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/83b93eee5a197cdf Normal file
View File

@@ -0,0 +1 @@
ŸY00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/90a025b38717e89b Normal file
View File

@@ -0,0 +1 @@
櫺000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/df65ee15e0244ff5 Normal file
View File

@@ -0,0 +1 @@
<EFBFBD><EFBFBD>Ω≈ç√∫˜µ≤≥÷åß∂ƒ©˙∆˚¬…æœ∑´®†¥¨ˆøπ“‘¡™£¢∞§¶•ªº–≠¸˛Ç◊ı˜Â¯˘¿ÅÍÎÏ˝ÓÔÒÚÆ☃Œ„´‰ˇÁ¨ˆØ∏”’`fifl‡°·—±<E28094>

1
.hypothesis/examples/ecc7e8764d8d8b88/e950f163b2268419 Normal file
View File

@@ -0,0 +1 @@
歃00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000€

1
.hypothesis/examples/ecc7e8764d8d8b88/f1dcb3c663df9e30 Normal file
View File

@@ -0,0 +1 @@
ŸO0000000000000000000000000000000000000000000000000000000000000000000000000000000€

BIN
.hypothesis/unicode_data/16.0.0/codec-utf-8.json.gz
View File

Binary file not shown.

6
decnet/web/api.py
View File

@@ -108,12 +108,12 @@ class Token(BaseModel):
class LoginRequest(BaseModel): class LoginRequest(BaseModel):
username: str username: str
password: str password: str = Field(..., max_length=72)
class ChangePasswordRequest(BaseModel): class ChangePasswordRequest(BaseModel):
old_password: str old_password: str = Field(..., max_length=72)
new_password: str new_password: str = Field(..., max_length=72)
class LogsResponse(BaseModel): class LogsResponse(BaseModel):

4
decnet/web/auth.py
View File

@@ -12,7 +12,7 @@ ACCESS_TOKEN_EXPIRE_MINUTES: int = 1440
def verify_password(plain_password: str, hashed_password: str) -> bool: def verify_password(plain_password: str, hashed_password: str) -> bool:
return bcrypt.checkpw( return bcrypt.checkpw(
plain_password.encode("utf-8"), plain_password.encode("utf-8")[:72],
hashed_password.encode("utf-8") hashed_password.encode("utf-8")
) )
@@ -20,7 +20,7 @@ def verify_password(plain_password: str, hashed_password: str) -> bool:
def get_password_hash(password: str) -> str: def get_password_hash(password: str) -> str:
# Use a cost factor of 12 (default for passlib/bcrypt) # Use a cost factor of 12 (default for passlib/bcrypt)
_salt: bytes = bcrypt.gensalt(rounds=12) _salt: bytes = bcrypt.gensalt(rounds=12)
_hashed: bytes = bcrypt.hashpw(password.encode("utf-8"), _salt) _hashed: bytes = bcrypt.hashpw(password.encode("utf-8")[:72], _salt)
return _hashed.decode("utf-8") return _hashed.decode("utf-8")

BIN
tests/.test_web_api_fuzz.py.swp Normal file
View File

Binary file not shown.