93811b59cb
C-2: JWT moved from localStorage to httpOnly cookie (eliminates XSS token theft) C-3: WebSocket auth via short-lived single-use tickets (JWT no longer in URLs) H-1: JWT expiry reduced from 7 days to 4 hours H-3: TOTP secrets encrypted at rest with vault EncryptionService (auto-migrates plaintext) H-6: Rate limiting via @nestjs/throttler (60 req/min global, tighten on auth) H-8: Constant-time login — Argon2id verify runs against dummy hash for non-existent users H-9: Password hashing upgraded from bcrypt(10) to Argon2id (auto-upgrades on login) H-10: Credential list API no longer returns encrypted blobs H-16: Admin pages use Nuxt route middleware instead of client-side guard Plus: auth bootstrap plugin, cookie-parser middleware, all frontend Authorization headers removed Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
82 lines
2.0 KiB
JSON
82 lines
2.0 KiB
JSON
{
|
|
"name": "wraith-backend",
|
|
"version": "0.1.0",
|
|
"private": true,
|
|
"scripts": {
|
|
"build": "nest build",
|
|
"start": "node dist/main.js",
|
|
"dev": "nest start --watch",
|
|
"test": "jest",
|
|
"test:watch": "jest --watch",
|
|
"prisma:migrate": "prisma migrate dev",
|
|
"prisma:generate": "prisma generate",
|
|
"prisma:seed": "ts-node prisma/seed.ts"
|
|
},
|
|
"dependencies": {
|
|
"@nestjs/common": "^10.0.0",
|
|
"@nestjs/core": "^10.0.0",
|
|
"@nestjs/jwt": "^10.0.0",
|
|
"@nestjs/mapped-types": "^2.0.0",
|
|
"@nestjs/passport": "^10.0.0",
|
|
"@nestjs/throttler": "^6.0.0",
|
|
"@nestjs/platform-express": "^10.0.0",
|
|
"@nestjs/platform-ws": "^10.0.0",
|
|
"@nestjs/serve-static": "^4.0.0",
|
|
"@nestjs/websockets": "^10.0.0",
|
|
"@prisma/client": "^6.0.0",
|
|
"argon2": "^0.44.0",
|
|
"helmet": "^8.0.0",
|
|
"bcrypt": "^5.1.0",
|
|
"cookie-parser": "^1.4.7",
|
|
"class-transformer": "^0.5.1",
|
|
"class-validator": "^0.14.0",
|
|
"passport": "^0.7.0",
|
|
"passport-jwt": "^4.0.1",
|
|
"qrcode": "^1.5.4",
|
|
"reflect-metadata": "^0.2.0",
|
|
"rxjs": "^7.8.0",
|
|
"speakeasy": "^2.0.0",
|
|
"ssh2": "^1.15.0",
|
|
"uuid": "^13.0.0",
|
|
"ws": "^8.16.0"
|
|
},
|
|
"devDependencies": {
|
|
"@nestjs/cli": "^10.0.0",
|
|
"@nestjs/testing": "^10.0.0",
|
|
"@types/bcrypt": "^5.0.0",
|
|
"@types/cookie-parser": "^1.4.8",
|
|
"@types/jest": "^30.0.0",
|
|
"@types/node": "^20.0.0",
|
|
"@types/passport-jwt": "^4.0.0",
|
|
"@types/qrcode": "^1.5.6",
|
|
"@types/speakeasy": "^2.0.10",
|
|
"@types/ssh2": "^1.15.0",
|
|
"@types/uuid": "^10.0.0",
|
|
"@types/ws": "^8.5.0",
|
|
"jest": "^29.0.0",
|
|
"prisma": "^6.0.0",
|
|
"ts-jest": "^29.0.0",
|
|
"ts-node": "^10.9.0",
|
|
"typescript": "^5.3.0"
|
|
},
|
|
"prisma": {
|
|
"seed": "ts-node prisma/seed.ts"
|
|
},
|
|
"jest": {
|
|
"moduleFileExtensions": [
|
|
"js",
|
|
"json",
|
|
"ts"
|
|
],
|
|
"rootDir": ".",
|
|
"testRegex": ".*\\.spec\\.ts$",
|
|
"transform": {
|
|
"^.+\\.ts$": "ts-jest"
|
|
},
|
|
"testEnvironment": "node",
|
|
"moduleNameMapper": {
|
|
"^@/(.*)$": "<rootDir>/src/$1"
|
|
}
|
|
}
|
|
}
|