78 lines
1.1 KiB
Markdown
# Security Policy

## Overview

This project implements a layered security model with:

- Secure password hashing (bcrypt)
- Hashed verification and reset tokens (SHA-256)
- Role-based authorization
- Audit logging
- Environment-based email handling
- Configurable CORS
---

## Authentication

Passwords are hashed using bcrypt before storage.

Email verification is required before login.

Reset and verification tokens:

- Random 32+ bytes
- SHA-256 hashed before database storage
- Expiration enforced
- One-time use
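
The token lifecycle the list above describes, as an added Go example that is not the project's own code: 32 bytes from crypto/rand, only the SHA-256 digest kept server-side, and expiry and one-time use enforced at the moment the token is presented. The in-memory TokenStore and the injectable clock are constructed stand-ins for the project's database, which this page does not show.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

var (
	ErrInvalidToken = errors.New("token invalid")
	ErrExpiredToken = errors.New("token expired")
	ErrUsedToken    = errors.New("token already used")
)

// storedToken is the database row: only the SHA-256 digest of the token is
// kept, never the raw value, plus an expiry and a used flag for one-time use.
type storedToken struct {
	Hash      string // hex(SHA-256(raw token))
	UserID    int64
	ExpiresAt time.Time
	Used      bool
}

// TokenStore is an in-memory stand-in for the tokens table (constructed for
// this example). The clock is injectable so expiry can be exercised deterministically.
type TokenStore struct {
	byHash map[string]*storedToken
	now    func() time.Time
}

func NewTokenStore(now func() time.Time) *TokenStore {
	return &TokenStore{byHash: map[string]*storedToken{}, now: now}
}

// HashToken is the only form of the token that reaches storage, so a database
// leak exposes nothing that can be presented to Consume.
func HashToken(raw string) string {
	sum := sha256.Sum256([]byte(raw))
	return hex.EncodeToString(sum[:])
}

// HasHash reports whether a digest is on file (used by the checks below).
func (s *TokenStore) HasHash(h string) bool {
	_, ok := s.byHash[h]
	return ok
}

// Issue draws 32 bytes from crypto/rand, stores the digest with its expiry, and
// returns the raw token; the caller places it in the verification or reset email.
func (s *TokenStore) Issue(userID int64, ttl time.Duration) (string, error) {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	raw := base64.RawURLEncoding.EncodeToString(buf)
	h := HashToken(raw)
	s.byHash[h] = &storedToken{Hash: h, UserID: userID, ExpiresAt: s.now().Add(ttl)}
	return raw, nil
}

// Consume hashes the presented token, looks it up, enforces expiry and one-time
// use, and marks it used on success. It returns the owning user id.
func (s *TokenStore) Consume(raw string) (int64, error) {
	h := HashToken(raw)
	t, ok := s.byHash[h]
	// The constant-time compare matters for implementations that scan rows
	// rather than index by digest; with a map lookup it is a cheap second check.
	if !ok || subtle.ConstantTimeCompare([]byte(t.Hash), []byte(h)) != 1 {
		return 0, ErrInvalidToken
	}
	if !s.now().Before(t.ExpiresAt) {
		return 0, ErrExpiredToken
	}
	if t.Used {
		return 0, ErrUsedToken
	}
	t.Used = true
	return t.UserID, nil
}

func main() {
	store := NewTokenStore(time.Now)
	raw, _ := store.Issue(42, time.Hour)
	uid, err := store.Consume(raw)
	fmt.Println("first use:", uid, err)
	_, err = store.Consume(raw)
	fmt.Println("second use:", err)
}
```

Issue hands the raw token out exactly once; afterwards only the digest exists on the server side, so a read of the table cannot be replayed against Consume. Marking the token used before returning is what makes the second presentation fail.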
---

## Authorization
Access control enforced via middleware:

- RequireAuth
- RequireAdmin

No authorization logic is implemented in templates.
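
The two middlewares and the wiring that keeps role checks out of templates, as an added net/http example that is not the project's code. The session map, cookie name and handler paths are constructed for illustration; StatusFor drives the chain through httptest so the access matrix can be checked without a listening socket.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type Role string

const (
	RoleUser  Role = "user"
	RoleAdmin Role = "admin"
)

type User struct {
	ID   int64
	Role Role
}

// ctxKey is unexported, so only this package can place or read the user.
type ctxKey struct{}

// sessions stands in for the server-side session store; the cookie values and
// users are constructed for this example.
var sessions = map[string]User{
	"sess-alice": {ID: 1, Role: RoleUser},
	"sess-root":  {ID: 2, Role: RoleAdmin},
}

func lookupSession(r *http.Request) (User, bool) {
	c, err := r.Cookie("session")
	if err != nil {
		return User{}, false
	}
	u, ok := sessions[c.Value]
	return u, ok
}

// UserFromContext is all a handler (or the data it passes to a template) gets.
func UserFromContext(ctx context.Context) (User, bool) {
	u, ok := ctx.Value(ctxKey{}).(User)
	return u, ok
}

// RequireAuth rejects requests without a valid session and attaches the user
// to the request context for the handlers and middleware after it.
func RequireAuth(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		u, ok := lookupSession(r)
		if !ok {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), ctxKey{}, u)))
	})
}

// RequireAdmin expects RequireAuth to have run first. With no user in the
// context (wrong middleware order) it fails closed with 401 rather than
// letting the request reach the handler.
func RequireAdmin(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		u, ok := UserFromContext(r.Context())
		switch {
		case !ok:
			http.Error(w, "unauthorized", http.StatusUnauthorized)
		case u.Role != RoleAdmin:
			http.Error(w, "forbidden", http.StatusForbidden)
		default:
			next.ServeHTTP(w, r)
		}
	})
}

func profile(w http.ResponseWriter, r *http.Request) {
	u, _ := UserFromContext(r.Context())
	fmt.Fprintf(w, "profile of user %d\n", u.ID)
}

func adminPanel(w http.ResponseWriter, r *http.Request) { fmt.Fprintln(w, "admin panel") }

// NewRouter wires the chain; the access decision is made here, before any
// handler or template runs.
func NewRouter() http.Handler {
	mux := http.NewServeMux()
	mux.Handle("/profile", RequireAuth(http.HandlerFunc(profile)))
	mux.Handle("/admin", RequireAuth(RequireAdmin(http.HandlerFunc(adminPanel))))
	return mux
}

// StatusFor drives a handler with an optional session cookie through httptest
// and returns the status code, so the access matrix can be checked offline.
func StatusFor(h http.Handler, path, session string) int {
	req := httptest.NewRequest(http.MethodGet, path, nil)
	if session != "" {
		req.AddCookie(&http.Cookie{Name: "session", Value: session})
	}
	rr := httptest.NewRecorder()
	h.ServeHTTP(rr, req)
	return rr.Code
}

func main() {
	r := NewRouter()
	for _, s := range []string{"", "sess-alice", "sess-root"} {
		fmt.Printf("session=%q /profile=%d /admin=%d\n", s, StatusFor(r, "/profile", s), StatusFor(r, "/admin", s))
	}
}
```

The distinction between 401 (no session) and 403 (session, wrong role) is deliberate: it keeps the middleware order visible, and RequireAdmin on its own, without RequireAuth in front of it, still refuses everything.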

---

## Session Security

- HttpOnly cookies
- SameSite=Lax
- Secure flag enabled in production
- Session key configured via environment variable
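
The cookie attributes and the environment-provided key, as an added Go example that is not the project's own code. SESSION_KEY and APP_ENV are assumed variable names, and using the key to HMAC-sign the session id is one common use of such a key, not something this page specifies. MissingAttributes is the check a reviewer can run against any cookie the application emits.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"net/http"
	"os"
	"strings"
)

var ErrWeakSessionKey = errors.New("SESSION_KEY must be set and at least 32 bytes long")

// SessionConfig is derived from the environment. SESSION_KEY and APP_ENV are
// assumed names; the page only says the key comes from an environment variable.
type SessionConfig struct {
	Key        []byte
	Production bool
}

// LoadSessionConfig refuses to start on a missing or short key instead of
// falling back to a built-in default, which is how a "configurable" key ends
// up identical on every deployment.
func LoadSessionConfig(getenv func(string) string) (SessionConfig, error) {
	key := getenv("SESSION_KEY")
	if len(key) < 32 {
		return SessionConfig{}, ErrWeakSessionKey
	}
	return SessionConfig{Key: []byte(key), Production: getenv("APP_ENV") == "production"}, nil
}

// sign binds a session id to the key with HMAC-SHA256 so a client cannot forge
// or swap ids (an assumed use of the key, not one the page describes).
func (c SessionConfig) sign(id string) string {
	mac := hmac.New(sha256.New, c.Key)
	mac.Write([]byte(id))
	return id + "." + base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
}

// Verify checks the signature in constant time and returns the session id.
func (c SessionConfig) Verify(value string) (string, bool) {
	i := strings.LastIndexByte(value, '.')
	if i < 0 {
		return "", false
	}
	id, sig := value[:i], value[i+1:]
	mac := hmac.New(sha256.New, c.Key)
	mac.Write([]byte(id))
	want := base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
	if !hmac.Equal([]byte(sig), []byte(want)) {
		return "", false
	}
	return id, true
}

// NewSessionCookie sets the attributes the policy lists: HttpOnly, SameSite=Lax,
// and Secure when running in production.
func (c SessionConfig) NewSessionCookie(sessionID string) *http.Cookie {
	return &http.Cookie{
		Name:     "session",
		Value:    c.sign(sessionID),
		Path:     "/",
		HttpOnly: true,
		SameSite: http.SameSiteLaxMode,
		Secure:   c.Production,
		MaxAge:   8 * 3600, // 8 hours; a constructed value, not from the page
	}
}

// MissingAttributes lists the policy attributes a cookie lacks; empty means compliant.
func MissingAttributes(ck *http.Cookie, production bool) []string {
	var missing []string
	if !ck.HttpOnly {
		missing = append(missing, "HttpOnly")
	}
	if ck.SameSite != http.SameSiteLaxMode {
		missing = append(missing, "SameSite=Lax")
	}
	if production && !ck.Secure {
		missing = append(missing, "Secure")
	}
	return missing
}

func main() {
	cfg, err := LoadSessionConfig(os.Getenv)
	if err != nil {
		fmt.Println("startup refused:", err)
		return
	}
	ck := cfg.NewSessionCookie("example-session-id")
	fmt.Println(ck.String(), "missing:", MissingAttributes(ck, cfg.Production))
}
```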
---

## Email Security

Development mode:

- Emails are written to the filesystem
- No external transmission

Production mode:
- SMTP authenticated delivery
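
The two delivery modes as an added Go example that is not the project's code. APP_ENV, MAIL_DIR and the SMTP_* variable names are assumptions. The point shown is that the choice is made once at startup, any environment other than production gets the file mailer, and production with incomplete SMTP settings refuses to start rather than quietly writing mail to disk.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/smtp"
	"os"
	"path/filepath"
	"strings"
	"time"
)

type Message struct{ To, Subject, Body string }

// Mailer is the single seam the application calls; which implementation sits
// behind it is decided once at startup from the environment.
type Mailer interface{ Send(m Message) error }

// FileMailer writes each message to a file under Dir. Nothing leaves the host,
// so a development box can never mail a real user by accident.
type FileMailer struct{ Dir string }

// SafeName keeps the recipient address usable as part of a file name.
func SafeName(s string) string {
	return strings.Map(func(r rune) rune {
		if r >= 'a' && r <= 'z' || r >= 'A' && r <= 'Z' || r >= '0' && r <= '9' || r == '@' || r == '.' || r == '-' {
			return r
		}
		return '_'
	}, s)
}

func (f FileMailer) Send(m Message) error {
	if err := os.MkdirAll(f.Dir, 0o700); err != nil {
		return err
	}
	name := fmt.Sprintf("%d-%s.eml", time.Now().UnixNano(), SafeName(m.To))
	body := fmt.Sprintf("To: %s\r\nSubject: %s\r\n\r\n%s\r\n", m.To, m.Subject, m.Body)
	// 0600: these files contain the verification and reset links.
	return os.WriteFile(filepath.Join(f.Dir, name), []byte(body), 0o600)
}

// SMTPMailer delivers with PLAIN authentication via net/smtp. net/smtp only
// sends PLAIN credentials over TLS (or to localhost), so a misconfigured host
// fails rather than leaking the password in clear.
type SMTPMailer struct{ Host, Port, User, Pass, From string }

func (s SMTPMailer) Send(m Message) error {
	msg := fmt.Sprintf("From: %s\r\nTo: %s\r\nSubject: %s\r\n\r\n%s\r\n", s.From, m.To, m.Subject, m.Body)
	auth := smtp.PlainAuth("", s.User, s.Pass, s.Host)
	return smtp.SendMail(net.JoinHostPort(s.Host, s.Port), auth, s.From, []string{m.To}, []byte(msg))
}

var ErrSMTPConfig = errors.New("production requires SMTP_HOST, SMTP_USER, SMTP_PASS and SMTP_FROM")

// NewMailer picks the implementation from APP_ENV (variable names are assumed).
// Anything other than "production" gets the file mailer; production with
// incomplete SMTP settings is a startup error, never a silent fallback to disk.
func NewMailer(getenv func(string) string) (Mailer, error) {
	if getenv("APP_ENV") != "production" {
		dir := getenv("MAIL_DIR")
		if dir == "" {
			dir = "mail-out"
		}
		return FileMailer{Dir: dir}, nil
	}
	m := SMTPMailer{Host: getenv("SMTP_HOST"), Port: getenv("SMTP_PORT"), User: getenv("SMTP_USER"),
		Pass: getenv("SMTP_PASS"), From: getenv("SMTP_FROM")}
	if m.Host == "" || m.User == "" || m.Pass == "" || m.From == "" {
		return nil, ErrSMTPConfig
	}
	if m.Port == "" {
		m.Port = "587"
	}
	return m, nil
}

func main() {
	mailer, err := NewMailer(os.Getenv)
	if err != nil {
		fmt.Println("startup refused:", err)
		return
	}
	fmt.Printf("%T: %v\n", mailer, mailer.Send(Message{To: "user@example.com", Subject: "Verify", Body: "constructed body"}))
}
```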
---

## Audit Logging

The system logs:

- Signup
- Login
- Email verification
- Password reset
- Admin actions

Logs contain:

- UserID
- Action
- Entity
- EntityID
- IP
- UserAgent
- Timestamp
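
An audit entry with exactly these fields, as an added Go example that is not the project's code: one JSON object per line, the client IP taken from the socket peer address, and the User-Agent bounded in length. The request and the clock are constructed for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/http/httptest"
	"os"
	"time"
)

// AuditEntry carries exactly the fields the policy lists. Request bodies,
// passwords and tokens stay out of the audit log by construction.
type AuditEntry struct {
	UserID    int64     `json:"user_id"`
	Action    string    `json:"action"`
	Entity    string    `json:"entity"`
	EntityID  string    `json:"entity_id"`
	IP        string    `json:"ip"`
	UserAgent string    `json:"user_agent"`
	Timestamp time.Time `json:"timestamp"`
}

// AuditLogger appends one JSON object per line; the clock is injectable so
// entries can be checked deterministically.
type AuditLogger struct {
	out io.Writer
	now func() time.Time
}

func NewAuditLogger(out io.Writer, now func() time.Time) *AuditLogger {
	return &AuditLogger{out: out, now: now}
}

// ClientIP uses the socket peer address. X-Forwarded-For is deliberately not
// consulted here: it is client-controlled unless a trusted proxy sets it, and
// that trust decision belongs in the proxy configuration, not in the logger.
func ClientIP(r *http.Request) string {
	host, _, err := net.SplitHostPort(r.RemoteAddr)
	if err != nil {
		return r.RemoteAddr
	}
	return host
}

// Truncate keeps an oversized User-Agent from turning one entry into megabytes.
func Truncate(s string, max int) string {
	if len(s) <= max {
		return s
	}
	return s[:max]
}

// Record builds the entry from the request and writes it as one JSON line.
// It returns the entry so callers and tests can inspect what was logged.
func (l *AuditLogger) Record(r *http.Request, userID int64, action, entity, entityID string) (AuditEntry, error) {
	e := AuditEntry{
		UserID:    userID,
		Action:    action,
		Entity:    entity,
		EntityID:  entityID,
		IP:        ClientIP(r),
		UserAgent: Truncate(r.UserAgent(), 256),
		Timestamp: l.now().UTC(),
	}
	// json.Marshal escapes control characters and quotes, so a newline smuggled
	// in via User-Agent cannot split one record into two or forge a second line.
	b, err := json.Marshal(e)
	if err != nil {
		return e, err
	}
	_, err = l.out.Write(append(b, '\n'))
	return e, err
}

func main() {
	audit := NewAuditLogger(os.Stdout, time.Now)
	// Constructed request standing in for a real login.
	req := httptest.NewRequest(http.MethodPost, "/login", nil)
	req.RemoteAddr = "203.0.113.5:4321"
	req.Header.Set("User-Agent", "curl/8.0")
	if _, err := audit.Record(req, 1, "login", "user", "1"); err != nil {
		fmt.Println("audit write failed:", err)
	}
}
```

Writing through an io.Writer keeps the format independent of the sink: the same line goes to a file, to stdout for a container runtime, or to a forwarder, and a structured line is what a SIEM rule over these fields expects.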