Implement safe crypto

2025-04-28 20:22:39 +02:00
parent b5e96e02c3
commit 0fa4e1107b
5 changed files with 33 additions and 42 deletions
--- a/apps/dispatch/app/dispatch/_components/pannel/OpenButton.tsx
+++ b/apps/dispatch/app/dispatch/_components/pannel/OpenButton.tsx
@@ -1,20 +0,0 @@
-"use client";
-import { usePannelStore } from "_store/pannelStore";
-import { cn } from "helpers/cn";
-
-export const OpenButton = () => {
-	const { setOpen, isOpen } = usePannelStore();
-	return (
-		<button
-			onClick={() => {
-				setOpen(true);
-			}}
-			className={cn(
-				"btn rounded-r-none absolute inset-y-2.5 right-0 z-999999 transition-all duration-500 ease",
-				isOpen && "transform translate-x-full",
-			)}
-		>
-			Neuer Einsatz
-		</button>
-	);
-};
--- a/apps/dispatch/app/dispatch/page.tsx
+++ b/apps/dispatch/app/dispatch/page.tsx
@@ -1,6 +1,5 @@
 "use client";

-import { OpenButton } from "dispatch/_components/pannel/OpenButton";
 import { Pannel } from "dispatch/_components/pannel/Pannel";
 import { usePannelStore } from "_store/pannelStore";
 import { cn } from "helpers/cn";
@@ -13,7 +12,6 @@ const DispatchPage = () => {
 		<div className="relative flex-1 flex transition-all duration-500 ease w-full">
 			{/* <MapToastCard2 /> */}
 			<div className="flex flex-1 relative">
-				<OpenButton />
 				<Map />
 			</div>
 			<div
--- a/apps/hub/app/(app)/admin/user/action.ts
+++ b/apps/hub/app/(app)/admin/user/action.ts
@@ -1,5 +1,4 @@
 "use server";
-import { PrismaClient } from "@prisma/client";
 import { prisma, Prisma } from "@repo/db";
 import bcrypt from "bcryptjs";
 import { sendMailByTemplate } from "../../../../helper/mail";
@@ -14,7 +13,11 @@ export const editUser = async (id: string, data: Prisma.UserUpdateInput) => {
 };

 export const resetPassword = async (id: string) => {
-	const password = Math.random().toString(36).slice(-8);
+	const array = new Uint8Array(8);
+	crypto.getRandomValues(array);
+	const password = Array.from(array, (byte) =>
+		("0" + (byte % 36).toString(36)).slice(-1),
+	).join("");
 	const hashedPassword = await bcrypt.hash(password, 12);

 	const user = await prisma.user.update({
--- a/apps/hub/app/(auth)/oauth/_components/action.ts
+++ b/apps/hub/app/(auth)/oauth/_components/action.ts
@@ -1,7 +1,7 @@
-'use server';
-import { getServerSession } from '../../../api/auth/[...nextauth]/auth';
-import { Service } from '../page';
-import { PrismaClient } from '@repo/db';
+"use server";
+import { getServerSession } from "../../../api/auth/[...nextauth]/auth";
+import { Service } from "../page";
+import { PrismaClient } from "@repo/db";

 const prisma = new PrismaClient();

@@ -9,9 +9,15 @@ export const generateToken = async (service: Service) => {
 	const session = await getServerSession();
 	if (!session) return null;

-  const accessToken = Array.from({ length: 10 }, () =>
-    Math.floor(Math.random() * 10)
-  ).join('');
+	const key = await crypto.subtle.generateKey(
+		{ name: "HMAC", hash: "SHA-256" },
+		true,
+		["sign"],
+	);
+	const exportedKey = await crypto.subtle.exportKey("raw", key);
+	const accessToken = Array.from(new Uint8Array(exportedKey))
+		.map((byte) => byte.toString(16).padStart(2, "0"))
+		.join("");

 	const code = await prisma.oAuthToken.create({
 		data: {
--- a/apps/hub/app/(auth)/passwort-reset/action.ts
+++ b/apps/hub/app/(auth)/passwort-reset/action.ts
@@ -16,7 +16,11 @@ export const resetPassword = async (email: string) => {
 			return { error: "Nutzer nicht gefunden" };
 		}

-		const password = Math.random().toString(36).slice(-8);
+		const array = new Uint8Array(8);
+		crypto.getRandomValues(array);
+		const password = Array.from(array, (byte) =>
+			("0" + (byte % 36).toString(36)).slice(-1),
+		).join("");
 		const hashedPassword = await bcrypt.hash(password, 12);
 		await prisma.user.update({
 			where: {