gristlabs_grist-core/app/server/lib
Leslie H 24ce54b586
Improve session ID security (#1059)
Follow-up of #994. This PR revises the session ID generation logic to improve security in the absence of a secure session secret. It also adds a section in the admin panel "security" section to nag system admins when GRIST_SESSION_SECRET is not set.

Following is an excerpt from internal conversation.

TL;DR: Grist's current implementation generates semi-secure session IDs and uses a publicly known default signing key to sign them when the environment variable GRIST_SESSION_SECRET is not set. This PR generates cryptographically secure session IDs to dismiss security concerns around an insecure signing key, and encourages system admins to configure their own signing key anyway.

> The session secret is required by expressjs/session to sign its session IDs. It's designed as an extra protection against session hijacking by randomly guessing session IDs and hitting a valid one. While it is easy to encourage users to set a distinct session secret, this is unnecessary if session IDs are generated in a cryptographically secure way. As of now Grist uses version 4 UUIDs as session IDs (see app/server/lib/gristSessions.ts - it uses shortUUID.generate which invokes uuid.v4 under the hood). These contain 122 bits of entropy, technically insufficient to be considered cryptographically secure. In practice, this is never considered a real vulnerability. To compare, RSA2048 is still very commonly used in web servers, yet it only has 112 bits of security (>=128 bits = "secure", rule of thumb in cryptography). But for peace of mind I propose using crypto.getRandomValues to generate real 128-bit random values. This should render session ID signing unnecessary and hence dismiss security concerns around an insecure signing key.
2024-06-25 15:43:25 -04:00
..
AccessTokens.ts (core) add an access token mechanism to help with attachments in custom widgets 2022-07-19 11:55:18 -04:00
ActionHistory.ts (core) Fix issue with lodash's map interpreting objects with length as array-like 2023-07-01 21:07:39 -04:00
ActionHistoryImpl.ts support other SQLite wrappers, and various hooks needed by grist-static (#516) 2023-05-23 15:17:28 -04:00
ActiveDoc.ts (core) Support user variable in dropdown conditions 2024-06-04 06:56:55 -07:00
ActiveDocImport.ts (core) Forms Improvements 2024-03-21 13:01:25 -04:00
AppEndpoint.ts Introduce APP_HOME_INTERNAL_URL and fix duplicate docs (#915) 2024-05-14 12:58:41 -04:00
AppSettings.ts add an endpoint for doing SQL selects (#641) 2023-09-04 09:21:18 -04:00
Assistance.ts (core) Add AI Assistant retry with shorter prompt 2024-02-12 11:06:52 -05:00
Authorizer.ts reconcile boot and admin pages further (#963) 2024-05-23 16:40:31 -04:00
BootProbes.ts Improve session ID security (#1059) 2024-06-25 15:43:25 -04:00
BrowserSession.ts Issue 740 OIDC login redirect (#742) 2023-11-15 09:23:32 -05:00
checksumFile.ts
Client.ts Support HTTP long polling as an alternative to WebSockets (#859) 2024-03-28 13:22:20 -04:00
Comm.ts Support HTTP long polling as an alternative to WebSockets (#859) 2024-03-28 13:22:20 -04:00
configureMinIOExternalStorage.ts Abort when MinIO bucket does not have versioning enabled #545 (#546) 2023-07-10 06:24:55 -04:00
coreCreator.ts Improve session ID security (#1059) 2024-06-25 15:43:25 -04:00
coreLogins.ts Moves core create object and core getLoginSystem to server/lib (#994) 2024-05-23 23:07:46 +01:00
dbUtils.ts Introduce TYPEORM_EXTRA env variable (#770) 2023-11-27 10:47:56 -05:00
DiscourseConnect.ts (core) Adding GristConnect login system 2022-05-18 20:28:25 +02:00
DocApi.ts (core) updates from grist-core 2024-05-23 13:27:59 -04:00
DocClients.ts (core) Exit more cleanly on unhandled errors, and handle errors writing to Clients. 2023-12-01 09:42:00 -05:00
DocManager.ts (core) Support user variable in dropdown conditions 2024-06-04 06:56:55 -07:00
DocPluginData.ts
DocPluginManager.ts (core) Add TSV and DSV import/export 2024-03-20 10:57:21 -04:00
DocSession.ts (core) notify home db of shares when copying/forking/uploading docs 2024-01-23 08:09:20 -05:00
DocSnapshots.ts Track saved version per hour, day, week, month, year, and number of times a version with parameter (#509) 2023-05-12 11:38:29 -04:00
DocStorage.ts add an endpoint for doing SQL selects (#641) 2023-09-04 09:21:18 -04:00
DocStorageManager.ts (core) dust off electron build a little bit 2022-07-29 11:19:26 -04:00
docUtils.d.ts
docUtils.js Correct spelling mistakes 2022-02-19 09:46:49 +00:00
DocWorker.ts (core) New API to collect timing information from formula evaluation. 2024-04-24 11:07:11 +02:00
DocWorkerMap.ts Shutdown Doc worker when it is not considered as available in Redis #831 (#856) 2024-04-04 10:25:42 -04:00
DocWorkerUtils.ts Introduce APP_HOME_INTERNAL_URL and fix duplicate docs (#915) 2024-05-14 12:58:41 -04:00
ExcelFormatter.ts (core) Currency from grist column is persistent when exporting to excel 2023-05-08 10:39:01 +02:00
ExpandedQuery.ts Correct spelling mistakes 2022-02-19 09:46:49 +00:00
Export.ts (core) Adding UI for timing API 2024-05-22 14:56:53 +02:00
ExportDSV.ts (core) Add TSV and DSV import/export 2024-03-20 10:57:21 -04:00
ExportTableSchema.ts Add header=colId option for the table-schema API #719 (#749) 2023-11-17 17:45:15 +02:00
ExportXLSX.ts add hooks for tweaking how downloads happen (for grist-static) (#665) 2023-09-09 14:50:32 -04:00
expressWrap.ts (core) Update dependencies 2023-10-11 17:36:58 -04:00
ExternalStorage.ts Add option to skip Checksum verification between doc storage and Redis #751 (#767) 2024-03-07 14:11:17 -05:00
extractOrg.ts (core) support for bundling custom widgets with the Grist app 2023-10-27 17:00:10 -04:00
FileParserElement.ts
filterUtils.ts (core) uncheck FullCopy special when copying/forking a document 2021-04-29 08:56:54 -04:00
FlexServer.ts FlexServer: add new admin restart endpoint 2024-06-19 11:56:45 -04:00
ForwardAuthLogin.ts (core) Revamp ForwardAuthLogin and unify with GRIST_PROXY_AUTH_HEADER 2023-11-07 16:30:49 -05:00
GoogleAuth.ts Add ws id and doc name params to POST /docs (#655) 2023-09-05 14:27:35 -04:00
GoogleExport.ts Add ws id and doc name params to POST /docs (#655) 2023-09-05 14:27:35 -04:00
GoogleImport.ts (core) Adding DELETE /api/docs/webhooks/queue endpoint to clear the queue 2022-12-01 12:23:19 +01:00
GranularAccess.ts (core) Support user variable in dropdown conditions 2024-06-04 06:56:55 -07:00
GristServer.ts reconcile boot and admin pages further (#963) 2024-05-23 16:40:31 -04:00
GristServerSocket.ts Support HTTP long polling as an alternative to WebSockets (#859) 2024-03-28 13:22:20 -04:00
gristSessions.ts Improve session ID security (#1059) 2024-06-25 15:43:25 -04:00
gristSettings.ts move getTemplateOrg method; enable template org in docker tests (#602) 2023-07-31 16:10:59 -04:00
GristSocketServer.ts (core) Update WS deps after grist-core sync 2024-04-02 23:08:39 -07:00
guessExt.ts (core) Switch excel import parsing from messytables+xlrd to openpyxl, and ignore empty rows 2022-05-12 14:43:21 +02:00
hashingUtils.ts (core) Add Support Grist page and nudge 2023-07-04 17:36:59 -04:00
HashUtil.ts
HostedMetadataManager.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
HostedStorageManager.ts (core) Customizable stripe plans. 2024-05-19 09:09:19 +02:00
httpEncoding.ts (core) External requests 2022-06-17 21:53:20 +02:00
IBilling.ts (core) Add basic activation page to grist-ee 2022-08-23 10:30:52 -07:00
IChecksumStore.ts
ICreate.ts reconcile boot and admin pages further (#963) 2024-05-23 16:40:31 -04:00
IDocStorageManager.ts (core) add a yarn run cli tool, and add a sqlite gristify option 2022-07-14 12:00:30 -04:00
idUtils.ts (core) Persist forks in home db 2023-02-20 22:46:36 -05:00
IElectionStore.ts
initialDocSql.ts Webhook trigger update by column (#832) 2024-04-12 16:04:37 -04:00
INotifier.ts (core) Adding a flag for the UI to check if emails are enabled 2024-04-03 09:50:17 +02:00
InstallAdmin.ts reconcile boot and admin pages further (#963) 2024-05-23 16:40:31 -04:00
ISandbox.ts (core) add a sandbox check to admin panel, and start reconciling boot and admin pages 2024-04-29 20:52:39 -04:00
IShell.ts (core) dust off electron build a little bit 2022-07-29 11:19:26 -04:00
ITestingHooks-ti.ts Introduce APP_HOME_INTERNAL_URL and fix duplicate docs (#915) 2024-05-14 12:58:41 -04:00
ITestingHooks.ts Introduce APP_HOME_INTERNAL_URL and fix duplicate docs (#915) 2024-05-14 12:58:41 -04:00
log.ts fix log.add under electron (#478) 2023-04-03 13:29:35 -04:00
LogMethods.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
manifest.ts (core) support for bundling custom widgets with the Grist app 2023-10-27 17:00:10 -04:00
MemoryPool.ts (core) Manage memory used for websocket responses to reduce the risk of server crashes. 2023-08-07 11:28:31 -04:00
MinimalLogin.ts A set of tweaks to simplify electron packaging (#421) 2023-02-13 15:52:17 -05:00
MinIOExternalStorage.ts Bump minio to v8.0.0 (#991) 2024-06-03 15:20:10 +00:00
NSandbox.ts (core) add a sandbox check to admin panel, and start reconciling boot and admin pages 2024-04-29 20:52:39 -04:00
NullSandbox.ts (core) add a sandbox check to admin panel, and start reconciling boot and admin pages 2024-04-29 20:52:39 -04:00
OIDCConfig.ts OIDC: Support overriding end_session_endpoint using environment variable GRIST_OIDC_IDP_END_SESSION_ENDPOINT (#802) 2024-01-03 15:49:32 -05:00
OnDemandActions.ts (core) Adds a UI panel for managing webhooks 2023-05-08 18:25:27 -04:00
PermissionInfo.ts (core) Support user variable in dropdown conditions 2024-06-04 06:56:55 -07:00
Permit.ts (core) Add new Grist login page 2022-04-01 15:24:19 -07:00
places.ts A set of tweaks to simplify electron packaging (#421) 2023-02-13 15:52:17 -05:00
PluginEndpoint.ts include the @gristlabs/grist-widget package, so Calendar is always available (#745) 2023-11-28 09:28:15 -05:00
PluginManager.ts include the @gristlabs/grist-widget package, so Calendar is always available (#745) 2023-11-28 09:28:15 -05:00
ProcessMonitor.ts (core) Add new telemetry events 2023-11-01 10:49:33 -04:00
ProxyAgent.ts (core) Add logging of errors whenever ProxyAgent is used, and a test for it. 2023-05-17 10:21:53 -04:00
reportTimeTaken.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
Requests.ts REQUEST now supports POST (#588) 2023-07-30 15:13:43 -04:00
requestUtils.ts (core) updates from grist-core 2024-05-23 13:27:59 -04:00
RowAccess.ts (core) control the distribution of attachment metadata 2022-12-22 09:10:30 -05:00
SafePythonComponent.ts (core) Run and test imports only in Python 3, upgrade openpyxl, fix weird date handling 2022-09-02 16:27:34 +02:00
SamlConfig.ts (core) Fix delete user button for Google-only accounts 2023-10-18 10:52:58 -04:00
SandboxControl.ts (core) Update dependencies 2023-10-11 17:36:58 -04:00
sandboxUtil.ts (core) Update logging in sandbox code, and log tracebacks as single log messages. 2023-07-18 11:21:25 -04:00
sendAppPage.ts feat: ADD Terms of service link (#985) 2024-05-16 11:31:37 -04:00
ServerColumnGetters.ts (core) Adding UI for timing API 2024-05-22 14:56:53 +02:00
ServerLocale.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
serverUtils.ts (core) When reporting email in log metadata, use normalized email. 2024-02-15 10:49:01 -05:00
Sessions.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
Sharing.ts (core) updates from grist-core 2024-01-08 09:19:50 -05:00
shortDesc.ts
shutdown.js Don't require running docker with --init to stop with ^C (#892) 2024-03-18 09:49:42 -04:00
SqliteCommon.ts add an endpoint for doing SQL selects (#641) 2023-09-04 09:21:18 -04:00
SQLiteDB.ts add an endpoint for doing SQL selects (#641) 2023-09-04 09:21:18 -04:00
SqliteNode.ts add an endpoint for doing SQL selects (#641) 2023-09-04 09:21:18 -04:00
TableMetadataLoader.ts (core) Improve API Console and link from Document Settings. 2024-01-29 10:08:19 -05:00
TagChecker.ts
Telemetry.ts (core) Renaming installationId metadata for checkUpdateAPI telemetry endpoint. 2024-06-12 16:01:45 +02:00
TestingHooks.ts Introduce APP_HOME_INTERNAL_URL and fix duplicate docs (#915) 2024-05-14 12:58:41 -04:00
TestLogin.ts (core) make the support account configurable, and allow listing public sites 2022-10-14 14:23:59 -04:00
Throttle.ts (core) Fix bugs with intervals 2022-08-25 12:38:36 -07:00
TimeQuery.ts (core) Adds a UI panel for managing webhooks 2023-05-08 18:25:27 -04:00
Triggers.ts Webhook trigger update by column (#832) 2024-04-12 16:04:37 -04:00
UnsafeNodeComponent.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
UpdateManager.ts (core) Renaming installationId metadata for checkUpdateAPI telemetry endpoint. 2024-06-12 16:01:45 +02:00
uploads.ts Introduce APP_HOME_INTERNAL_URL and fix duplicate docs (#915) 2024-05-14 12:58:41 -04:00
WidgetRepository.ts Change how a builtin custom widget bundle is found (#783) 2023-12-05 11:51:22 -05:00
WorkCoordinator.ts support other SQLite wrappers, and various hooks needed by grist-static (#516) 2023-05-23 15:17:28 -04:00
workerExporter.ts Option to export colId as header in CSV / XSLX instead of label (#688) (#692) 2023-10-15 20:17:43 -04:00