Till JS
|
4ff3ceb01a
|
harden(mana-sync): fix WebSocket auth, add validation, tests, and docs
Critical security and correctness fixes for the sync server:
Security:
- Fix WebSocket JWT validation — was completely broken (hardcoded
"pending-auth"). Now validates JWT via JWKS, rejects invalid tokens,
enforces 10-second auth deadline, sends auth-ok confirmation.
- Add 10 MB request body size limit (prevents OOM attacks)
- Validate op field (must be insert/update/delete)
- Validate table and id fields (must be non-empty)
- Abort sync on RecordChange failure (was silently continuing)
Correctness:
- Fix silent JSON unmarshal errors in store (now returns error)
- Copy client set before iterating in NotifyUser (prevents race)
- Add write timeout on WebSocket notifications
Testing (19 tests, 0 -> 100% for unit-testable code):
- auth: token extraction, validator init, missing auth handling
- config: defaults, env override, invalid port
- sync: op validation, changeset validation, response format,
field change round-trip, body size constant
Documentation:
- Add CLAUDE.md with architecture, sync protocol, LWW explanation,
API endpoints, configuration, security notes
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
2026-03-28 02:41:56 +01:00 |
|