yusiboyz/platform
1
0
Fork 0
Code Issues 4 Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
79d2c3b4b64d581483bd146758b55407b9e77f4d
platform/services/trips/Dockerfile
Yusuf Suleman d700ba7569 fix(trips): enforce password protection on shared trips (#3) 
- handle_share_api now checks X-Share-Password header against bcrypt hash
  before returning trip data. Returns 401 with {protected: true} if password
  required but not provided/incorrect
- share_password now stored as bcrypt hash, not plaintext
- All plaintext password logging removed from handle_share_verify
- handle_share_verify uses bcrypt.checkpw instead of string equality
- Migration invalidates existing plaintext share passwords (< 50 chars)
- Removed dead hash_password function (used hashlib.sha256)
- Added bcrypt to trips Dockerfile

Closes #3
2026-03-29 08:50:45 -05:00

12 lines
146 B
Docker
Raw Blame History

FROM python:3.12-slim
WORKDIR /app
ENV PYTHONUNBUFFERED=1
RUN pip install --no-cache-dir PyPDF2 bcrypt
COPY . .
CMD ["python3", "server.py"]
Reference in New Issue View Git Blame Copy Permalink