rasmusq/wishlist
Public Access
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

fix: strengthen password security - increase bcrypt rounds to 14, add notNull constraint to password field, add pull_policy to docker-compose

Browse Source
This commit is contained in:
Rasmus Q
2026-03-15 20:33:12 +00:00
parent 988c7ef6b5
commit 83d68b0c58
3 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docker-compose.prod.yml
View File

@@ -3,6 +3,7 @@ services:
image: postgres:16-alpine image: postgres:16-alpine
container_name: wishlist-postgres container_name: wishlist-postgres
restart: unless-stopped restart: unless-stopped
pull_policy: always
environment: environment:
POSTGRES_USER: ${POSTGRES_USER} POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}

2
src/lib/server/schema.ts
View File

@@ -11,7 +11,7 @@ export const users = pgTable('user', {
email: text('email').unique(), email: text('email').unique(),
emailVerified: timestamp('emailVerified', { mode: 'date' }), emailVerified: timestamp('emailVerified', { mode: 'date' }),
image: text('image'), image: text('image'),
password: text('password'), password: text('password').notNull(),
username: text('username').unique(), username: text('username').unique(),
dashboardTheme: text('dashboard_theme').default('none'), dashboardTheme: text('dashboard_theme').default('none'),
dashboardColor: text('dashboard_color'), dashboardColor: text('dashboard_color'),

2
src/routes/signup/+page.server.ts
View File

@@ -62,7 +62,7 @@ export const actions: Actions = {
return fail(400, { error: 'Username already taken', name, username }); return fail(400, { error: 'Username already taken', name, username });
} }
const hashedPassword = await bcrypt.hash(password, 10); const hashedPassword = await bcrypt.hash(password, 14);
await db.insert(users).values({ await db.insert(users).values({
name: sanitizedName, name: sanitizedName,