fix(security): add username validation, constant-time login, default credential rejection, and tooling

2026-02-18 19:11:14 +01:00
parent 1521005b62
commit f41b8fd8c2
8 changed files with 393 additions and 1 deletions
--- a/backend/app/config.py
+++ b/backend/app/config.py
@@ -106,3 +106,19 @@ if settings.SECRET_KEY in _UNSAFE_SECRETS:
        "Set SECRET_KEY in your environment for persistent sessions.",
        stacklevel=2,
    )
+
+# ---------------------------------------------------------------------------
+# SEC-002: Reject default credentials in production
+# ---------------------------------------------------------------------------
+if _is_production:
+    _DEFAULT_CREDS = {
+        ("MINIO_ACCESS_KEY", settings.MINIO_ACCESS_KEY, "minioadmin"),
+        ("MINIO_SECRET_KEY", settings.MINIO_SECRET_KEY, "minioadmin"),
+    }
+    for name, current, default in _DEFAULT_CREDS:
+        if current == default:
+            raise RuntimeError(
+                f"CRITICAL: {name} is using the default value '{default}'. "
+                f"Set a strong value via the {name} environment variable "
+                f"before running in production."
+            )