Base64 encode auth tokens (#1029)

* Base64 encode auth tokens to prevent issues in emails This fixes #1023, which should in turn solve some issues people were having with emails. * Make test bcrypt hash things as the auth token isn't one by default * Update ProjectLighthouse/Helpers/CryptoHelper.cs Co-authored-by: Josh <josh@slendy.pw> * Make only email tokens base64 encoded --------- Co-authored-by: Zaprit <zaprit@hugespaceship.io> Co-authored-by: Josh <josh@slendy.pw>
LBPUnion · Jun 29, 2024 · e060f55 · e060f55
1 parent 98a7f95
commit e060f55
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 5 deletions.
diff --git a/ProjectLighthouse.Tests.GameApiTests/Integration/DatabaseTests.cs b/ProjectLighthouse.Tests.GameApiTests/Integration/DatabaseTests.cs
@@ -20,8 +20,8 @@ public async Task CanCreateUserTwice()
 
         int rand = new Random().Next();
 
-        UserEntity userA = await database.CreateUser("unitTestUser" + rand, CryptoHelper.GenerateAuthToken());
-        UserEntity userB = await database.CreateUser("unitTestUser" + rand, CryptoHelper.GenerateAuthToken());
+        UserEntity userA = await database.CreateUser("unitTestUser" + rand, CryptoHelper.BCryptHash(CryptoHelper.GenerateAuthToken()));
+        UserEntity userB = await database.CreateUser("unitTestUser" + rand, CryptoHelper.BCryptHash(CryptoHelper.GenerateAuthToken()));
 
         Assert.NotNull(userA);
         Assert.NotNull(userB);

diff --git a/ProjectLighthouse/Helpers/CryptoHelper.cs b/ProjectLighthouse/Helpers/CryptoHelper.cs
@@ -16,10 +16,15 @@ public static class CryptoHelper
     public static string GenerateAuthToken()
     {
         byte[] bytes = (byte[])GenerateRandomBytes(256);
-
         return BCryptHash(Sha256Hash(bytes));
     }
 
+    public static string GenerateUrlToken()
+    {
+        byte[] bytes = (byte[])GenerateRandomBytes(256);
+        return Convert.ToBase64String(Encoding.UTF8.GetBytes(BCryptHash(Sha256Hash(bytes))));
+    }
+
     public static string ComputeDigest(string path, string authCookie, byte[] body, string digestKey, bool excludeBody = false)
     {
 

diff --git a/ProjectLighthouse/Helpers/EmailHelper.cs b/ProjectLighthouse/Helpers/EmailHelper.cs
@@ -52,7 +52,7 @@ public static async Task SendPasswordResetEmail(DatabaseContext database, IMailS
         {
             Created = DateTime.UtcNow,
             UserId = user.UserId,
-            ResetToken = CryptoHelper.GenerateAuthToken(),
+            ResetToken = CryptoHelper.GenerateUrlToken(),
         };
 
         database.PasswordResetTokens.Add(token);
@@ -92,7 +92,7 @@ public static async Task<bool> SendVerificationEmail(DatabaseContext database, I
         {
             UserId = user.UserId,
             User = user,
-            EmailToken = CryptoHelper.GenerateAuthToken(),
+            EmailToken = CryptoHelper.GenerateUrlToken(),
             ExpiresAt = DateTime.UtcNow.AddHours(6),
         };