Alex on Nostr: Auth tokens in #Ditto's database are now hashed, and nip46 keys are encrypted: ...
Auth tokens in #Ditto's database are now hashed, and nip46 keys are encrypted:
https://gitlab.com/soapbox-pub/ditto/-/merge_requests/526 This means that even if someone gained unauthorized access to the database, they wouldn't be able to control people's sessions. In other words, much better #security on the server.
I reworked auth tokens on #Ditto. This caused users to get logged out. Sorry!
Published at
2024-10-03 00:14:14Event JSON
{
"id": "2c64f1bc132e24eddd2a63df44133f1262e29b84019b7427fa2185566f3ceebc",
"pubkey": "0461fcbecc4c3374439932d6b8f11269ccdb7cc973ad7a50ae362db135a474dd",
"created_at": 1727914454,
"kind": 1,
"tags": [
[
"q",
"9e7ff361ddd144b894dd3c66719a1c6771ec1ebc720c6a810ce2a74632bfacb9"
],
[
"p",
"0461fcbecc4c3374439932d6b8f11269ccdb7cc973ad7a50ae362db135a474dd"
],
[
"t",
"ditto"
],
[
"r",
"https://gitlab.com/soapbox-pub/ditto/-/merge_requests/526"
],
[
"t",
"security"
]
],
"content": "Auth tokens in #Ditto's database are now hashed, and nip46 keys are encrypted: https://gitlab.com/soapbox-pub/ditto/-/merge_requests/526 \n\nThis means that even if someone gained unauthorized access to the database, they wouldn't be able to control people's sessions. In other words, much better #security on the server.\n\nnostr:note1nellxcwa69zt39xa83n8rxsuvac7c84uwgxx4qgvu2n5vv4l4jusye8sq3",
"sig": "43fa5733ab9cc8faaede1bcc1dc901797737cef784ee7b252356f6d5a89bd3511d89f062a6f425a1c8928bf0524fe0c0f705578c81add4de8027512cf74bbecb"
}
