serve.zone/onebox
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

Add tests for authentication and security features

Browse Source 
- Implement unit tests for password handling in `auth_test.ts`, covering bcrypt and legacy password hashes.
- Create a fake database for user management to facilitate testing of the `AdminHandler`.
- Validate JWT-based identity verification against database records.
- Introduce tests for credential encryption and registry management in `security_test.ts`.
- Ensure registry passwords are securely stored and can be decrypted correctly, including legacy support.
- Add utility functions for password hashing and verification in `auth.ts`.
This commit is contained in:
Jürgen Kunz
2026-04-19 01:30:54 +00:00
parent 0c9eb0653d
commit 618d4d674f
34 changed files with 585 additions and 255 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ts/classes/encryption.ts
+16 -6
View File
@@ -97,7 +97,11 @@ export class CredentialEncryption {
*/
async encrypt(data: Record<string, string>): Promise<string> {
if (!this.key) {
throw new Error('Encryption not initialized. Call init() first.');
await this.init();
}
const key = this.key;
if (!key) {
throw new Error('Encryption key initialization failed.');
}
const iv = crypto.getRandomValues(new Uint8Array(this.ivLength));
@@ -105,7 +109,7 @@ export class CredentialEncryption {
const ciphertext = await crypto.subtle.encrypt(
{ name: this.algorithm, iv },
this.key,
key,
encoded
);
@@ -120,9 +124,15 @@ export class CredentialEncryption {
/**
* Decrypt a base64 string back to credentials object
*/
async decrypt(encrypted: string): Promise<Record<string, string>> {
async decrypt<T extends Record<string, string> = Record<string, string>>(
encrypted: string,
): Promise<T> {
if (!this.key) {
throw new Error('Encryption not initialized. Call init() first.');
await this.init();
}
const key = this.key;
if (!key) {
throw new Error('Encryption key initialization failed.');
}
const combined = this.base64ToBytes(encrypted);
@@ -133,12 +143,12 @@ export class CredentialEncryption {
const decrypted = await crypto.subtle.decrypt(
{ name: this.algorithm, iv },
this.key,
key,
ciphertext
);
const decoded = new TextDecoder().decode(decrypted);
return JSON.parse(decoded);
return JSON.parse(decoded) as T;
}
/**