blessing-skin-server

History

shhzhang 3d42aab16d [Security] Dynamic Email Verification & Password Reset Links Problem 1. Static Signature Vulnerability: - Email verification links used a static signature algorithm (same link for lifetime), allowing account hijacking if links were leaked. - Worst-case scenario: Compromised AppKey + leaked link → full-site account under danger. 2. Overly Long Reset Window: - Password reset links remained valid for 1 hour, enabling attackers to hijack accounts if intercepted. - Worst-case scenario: Compromised AppKey + leaked link → full-site account account take over. Solution - Email Verification: - Replaced static signatures with HMAC-SHA256 + timestamp + nonce. - Links are now one-time-use and expire immediately after verification. - Password Reset: - Reduced validity window from 1h → 5 minutes. - Added rate limiting to prevent brute-force attacks. Impact - Closed Communities: Critical for real-name systems (e.g., gaming, enterprise). - AppKey Leak Mitigation: Even with leaked AppKey, intercepted links are now useless. The commit message is translated by Deepseek due to my poor English.	2026-01-24 23:16:39 +08:00
..
factories	upgrade Laravel to 8	2020-10-14 11:56:34 +08:00
migrations	[Security] Dynamic Email Verification & Password Reset Links	2026-01-24 23:16:39 +08:00

shhzhang 3d42aab16d [Security] Dynamic Email Verification & Password Reset Links

**Problem**
1. **Static Signature Vulnerability**:
   - Email verification links used a static signature algorithm (same link for lifetime), allowing account hijacking if links were leaked.
   - *Worst-case scenario*: Compromised AppKey + leaked link → full-site account under danger.
2. **Overly Long Reset Window**:
   - Password reset links remained valid for 1 hour, enabling attackers to hijack accounts if intercepted.
   - *Worst-case scenario*: Compromised AppKey + leaked link → full-site account account take over.

 **Solution**
- **Email Verification**:
  - Replaced static signatures with **HMAC-SHA256 + timestamp + nonce**.
  - Links are now **one-time-use** and expire immediately after verification.
- **Password Reset**:
  - Reduced validity window from 1h → **5 minutes**.
  - Added rate limiting to prevent brute-force attacks.

 **Impact**
- **Closed Communities**: Critical for real-name systems (e.g., gaming, enterprise).
- **AppKey Leak Mitigation**: Even with leaked AppKey, intercepted links are now useless.

The commit message is translated by Deepseek due to my poor English.

2026-01-24 23:16:39 +08:00

factories

upgrade Laravel to 8

2020-10-14 11:56:34 +08:00

migrations

[Security] Dynamic Email Verification & Password Reset Links

2026-01-24 23:16:39 +08:00