fix: use per-user encryption for credentials

Address review feedback: each user's credentials are now encrypted with a unique key derived from:
- Server's master secret (env var)
- Per-user salt (stored in DB)
- Session key part (stored in cookie only, NOT in DB)

This ensures:
- Database leak alone cannot decrypt any credentials
- Stolen session alone cannot decrypt credentials
- Credentials are tied to specific sessions

Changes:
- Add keySalt field to users table
- Add keyPart to Session (stored in cookie, not DB)
- deriveUserKey() combines all three components via PBKDF2
- Session cookie now contains base64(sessionId:keyPart)
- All encrypt/decrypt operations use user-specific keys

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
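
The three-component derivation described in the commit message, as an added Node.js example that is not the commit's own code. The message does not say how the inputs feed PBKDF2, so this sketch assumes master secret plus `keyPart` as the password and `keySalt` as the salt, and also assumes the iteration count, a hex-encoded 32-byte `keyPart` in the cookie, and AES-256-GCM as the cipher. Apart from `deriveUserKey`, the function names are hypothetical.

```javascript
// Added illustration, not the project's code. Parameter choices are assumptions.
const crypto = require("node:crypto");

const KEY_PART_BYTES = 32;        // assumed size of the cookie-only key part
const PBKDF2_ITERATIONS = 100000; // assumed; the commit message gives no count

// Cookie value: base64(sessionId:keyPart), with keyPart hex-encoded (assumed).
function encodeSessionCookie(sessionId, keyPart) {
  return Buffer.from(`${sessionId}:${keyPart.toString("hex")}`).toString("base64");
}

function parseSessionCookie(cookie) {
  const text = Buffer.from(cookie, "base64").toString("utf8");
  const sep = text.lastIndexOf(":");
  if (sep <= 0) throw new Error("malformed session cookie");
  const keyPart = Buffer.from(text.slice(sep + 1), "hex");
  if (keyPart.length !== KEY_PART_BYTES) throw new Error("bad keyPart length");
  return { sessionId: text.slice(0, sep), keyPart };
}

// Combine master secret (env var), keySalt (DB) and keyPart (cookie) via PBKDF2.
// keyPart has a fixed length, so the concatenation is unambiguous.
function deriveUserKey(masterSecret, keySalt, keyPart) {
  if (keyPart.length !== KEY_PART_BYTES) throw new Error("bad keyPart length");
  const password = Buffer.concat([Buffer.from(masterSecret, "utf8"), keyPart]);
  return crypto.pbkdf2Sync(password, keySalt, PBKDF2_ITERATIONS, 32, "sha256");
}

// AES-256-GCM; stored blob layout is iv (12) || tag (16) || ciphertext.
function encryptCredential(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}

function decryptCredential(key, blob) {
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  // final() throws when the key is wrong or the blob was modified.
  const body = Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
  return body.toString("utf8");
}
```

With this layout a database row holds only `keySalt` and the encrypted blob, so decryption needs the environment secret and the cookie's `keyPart` as well.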