Secure by default sessions #2200
Open
+278
−26
Commits on Oct 1, 2024
-
Generate and persist a 256 bit session secret by default
* Add `urandom_bytes` and `urandom_urlsafe` to `Mojo::Util` for generating secure random bits from either Crypt::Random or /dev/urandom * Don't use the hard coded moniker as the default secret * Generate and store a strong secret if not exists in `$ENV{MOJO_HOME}/mojo.secrets`, overridable with `$ENV{MOJO_SECRETS_FILE}` when app->secrets is called * Only load secrets from `mojo.secrets` that are over 22 chars * Use `urandom_urlsafe` when generating CSRF tokens * Use `urandom_urlsafe` when in `mojo generate app` * Add `mojo generate secret` * Tests: - Add misc tests for generating and loading mojo.secrets in `t/mojolicious/secret/` and for `mojo generate secret`. - Add a default secret in `t/mojolicious/mojo.secrets` so other session checks work * Install Crypt::URandom in GH Windows workflow so urandom_bytes works on that platform
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.