mirror of
https://github.com/azaion/admin.git
synced 2026-06-21 16:41:09 +00:00
[AZ-536] [AZ-537] [AZ-538] Argon2id, login rate limit + lockout, CORS https-only
AZ-536 — replace unsalted SHA-384 password hashing with Argon2id (RFC 9106). Stored as PHC string with 64 MiB / 3 iter / 1 lane defaults; legacy SHA-384 hashes detected by prefix and lazily re-hashed on next successful login. Verify uses CryptographicOperations.FixedTimeEquals on both formats. AZ-537 — add per-IP sliding window rate limit on /login (ASP.NET Core RateLimiter, 10/60s default — production-tight) plus DB-backed per-account limit (5/300s) and consecutive-failure lockout (10 / 15 min) on the users row. Adds a generic audit_events table with INSERT/SELECT-only grants for the app role so the per-account count is queryable and admins cannot erase their own forensic trail. BusinessExceptionHandler maps AccountLocked to 423 and LoginRateLimited to 429, both with Retry-After. AZ-538 — drop the http://admin.azaion.com origin from CORS, gate UseHsts() + UseHttpsRedirection() to non-Development envs (1y / preload). Test infra: Npgsql in the e2e project + a DbHelper for direct DB inspection used by the AZ-536/537 ACs. appsettings.Development.json raises PerIpPermitLimit to 1000 so the suite (~270 logins from one container IP) doesn't false-trip the limiter. Tests: 53 pass + 3 documented skips (per-IP rate limit needs distinct client IPs; HSTS/HTTPS redirect need ASPNETCORE_ENVIRONMENT=Production). Code review: PASS_WITH_WARNINGS — 0 Critical, 0 High, 1 Medium, 3 Low. See _docs/03_implementation/reviews/batch_01_cycle2_review.md. Closes AZ-530 epic batch 1 of 4. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Oleksandr Bezdieniezhnykh
@@ -1,7 +1,7 @@
|
||||
# Dependencies Table
|
||||
|
||||
**Date**: 2026-05-14 (refreshed; previous 2026-05-13)
|
||||
**Total Tasks**: 19 (7 done test tasks + 12 active product tasks)
|
||||
**Date**: 2026-05-14 (post batch 1 cycle 2; previous 2026-05-14)
|
||||
**Total Tasks**: 19 (7 done test tasks + 4 done product tasks + 5 done cross-workspace + 3 done CMMC + 5 active product tasks)
|
||||
**Total Complexity Points**: 71
|
||||
|
||||
| Task | Name | Complexity | Dependencies | Epic | Status |
|
||||
@@ -13,18 +13,18 @@
|
||||
| AZ-193 | resource_tests | 5 | AZ-189, AZ-190, AZ-192 | AZ-188 | done |
|
||||
| AZ-194 | security_tests | 3 | AZ-189, AZ-190 | AZ-188 | done |
|
||||
| AZ-195 | resilience_perf_tests | 5 | AZ-189, AZ-190 | AZ-188 | done |
|
||||
| AZ-183 | resources_table_update_api | 3 | None | AZ-181 | todo |
|
||||
| AZ-196 | register_device_endpoint | 2 | None | AZ-181 | todo |
|
||||
| AZ-197 | remove_hardware_id | 3 | None | AZ-181 | todo |
|
||||
| AZ-513 | classes_crud_routes | 3 | None | AZ-509 | todo |
|
||||
| AZ-183 | resources_table_update_api | 3 | None | AZ-181 | done |
|
||||
| AZ-196 | register_device_endpoint | 2 | None | AZ-181 | done |
|
||||
| AZ-197 | remove_hardware_id | 3 | None | AZ-181 | done |
|
||||
| AZ-513 | classes_crud_routes | 3 | None | AZ-509 | done |
|
||||
| AZ-531 | refresh_token_flow | 5 | None | AZ-529 | todo |
|
||||
| AZ-532 | asymmetric_signing_jwks | 5 | None | AZ-529 | todo |
|
||||
| AZ-533 | mission_token_uav | 5 | AZ-531 | AZ-529 | todo |
|
||||
| AZ-534 | totp_2fa_login | 5 | None (coord. AZ-531/537) | AZ-529 | todo |
|
||||
| AZ-535 | logout_revocation | 3 | AZ-531 | AZ-529 | todo |
|
||||
| AZ-536 | argon2id_password_hashing | 3 | None | AZ-530 | todo |
|
||||
| AZ-537 | login_rate_limit_lockout | 3 | None (coord. AZ-536) | AZ-530 | todo |
|
||||
| AZ-538 | cors_https_only_hsts | 2 | None | AZ-530 | todo |
|
||||
| AZ-536 | argon2id_password_hashing | 3 | None | AZ-530 | done |
|
||||
| AZ-537 | login_rate_limit_lockout | 3 | None (coord. AZ-536) | AZ-530 | done |
|
||||
| AZ-538 | cors_https_only_hsts | 2 | None | AZ-530 | done |
|
||||
|
||||
## Notes
|
||||
|
||||
|
||||
Reference in New Issue
Block a user