OWASP [1] recommends for password hashing the following algorithms in
descending order: argon2id, scrypt, bcrypt. They state that bcrypt may
be used in legacy systems or when required due to legal regulations.
We're however not building any legacy application. Even HedgeDoc 1.x
utilizes a more modern algorithm by using scrypt.
While bcrypt is not insecure per se, our implementation had a major
security flaw, leading to invalid passwords being accepted in certain
cases. The bcrypt nodejs package - and the OWASP cheatsheet as well -
point out, that the maximum input length of passwords is limited to 72
bytes with bcrypt. When some user has a password longer than 72 bytes in
use, only the first 72 bytes are required to log in successfully.
Depending on the encoding (which could be UTF-8 or UTF-16 depending on
different circumstances) this could in worst-case be at 36 characters,
which is not very unusual for a password. See also [2].
This commit changes the used algorithm to argon2id. Argon2id has been in
use for several years now and seems to be a well-designed password
hashing function that even won the 2015 Password Hashing Competition.
Argon2 does not have any real-world max input length for passwords (it
is at 4 GiB).
The node-rs/argon2 implementation seems to be well maintained, widely
used (more than 150k downloads per week) and is published with
provenance, proving that the npm package was built on GitHub actions
using the source code in the repository. The implementation is written
in Rust, so it should be safe against memory leakages etc.
[1]: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Che
at_Sheet.html#password-hashing-algorithms
[2]: https://security.stackexchange.com/a/39851
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
When the frontend is notified about metadata updates, it refreshes the
data and therefore refreshes information like the timestamp of the last
revision save in the sidebar.
This commit adds such a notification from the backend to all clients on
each revision save, so that the "last saved at" value in the frontend is
correct.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
When creating a new note or adding a new alias to one,
it is checked that the new name
is neither forbidden nor already in use.
Co-authored-by: David Mehren <git@herrmehren.de>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Previous versions of HedgeDoc suffered from the problem
that changing the media backend required manipulation of
the media links in all created notes. We discussed in
#3704 that it's favourable to have an endpoint that
redirects to the image's original URL. When changing the
media backend, the link stays the same but just the
redirect changes.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
The frontend now doesn't try to reconnect, when the disconnection happened because of a lack of permissions
Signed-off-by: Philip Molares <philip.molares@udo.edu>
We need to use .ts only if we run inside ts-node
or other tools that use it. In all other cases, we need to
refer to the .js migration files.
Signed-off-by: David Mehren <git@herrmehren.de>
Previously, an undefined result in fetchUsernameForSessionId
was handled the same way as an error, rejecting the promise.
This fixes the behavior, only rejecting the promise if an error
is returned from the session store and properly returning
undefined if the session store returns that.
Signed-off-by: David Mehren <git@herrmehren.de>
The default log level is 'warning', so we log the final
startup message as warning to ensure it is visible by default.
Signed-off-by: David Mehren <git@herrmehren.de>
This config object was originally ported from the HD1 config,
but is not required anymore.
HD2 does not support handling TLS anymore, so it does not make
sense for it to set TLS-related headers.
The reverse proxy terminating TLS can easily set HSTS headers.
Signed-off-by: David Mehren <git@herrmehren.de>
With this commit we drop the subpath support which results in the constraint that HedgeDoc must always run on the root of a domain. This makes a lot of things in testing, rendering and security much easier.
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
This was done as LDAPS us both the plural of LDAP and the common abbreviation for secure LDAP connections.
Fixes#4460
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The setAdapter function checks if the websocket is closed.
If this is the case then an error is thrown and the whole process will be canceled. If the adapter isn't set before the realtime connection object is prepared then the connection will subscribe to all the events and THEN the process will be canceled. Because the MessageTransporter has no adapter (and won't get one), the connection will never get a disconnect event and clean up.
This causes the flood of "cant send message over closed websocket" messages.
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
While the DI and database initialization is running, NestJSs default logger is normally used. Our custom logger was only being initialized after DI setup is complete.
Errors encountered during DI setup were buffered and only printed after DI init was complete, or the app exited on error.
This led to the app not printing anything for a minute in certain cases.
This commit replaces the initial logger with our ConsoleLoggerService that logs everything.
After DI init is complete, that logger is replaced with a normal instance of ConsoleLoggerService that uses the real config from DI.
Fixes https://github.com/hedgedoc/hedgedoc/issues/4306
Signed-off-by: David Mehren <git@herrmehren.de>
sometimes we create revisions for notes that don't exist yet. If we try to persist a revision that is referring to a non-existing note the whole attempt crashes.
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
