web-hosts/domains/coppertone.tech/audit-reports/database-audit/sensitive-data-20251123-092506.txt
2025-12-26 13:38:04 +01:00


# Sensitive Data Handling - 20251123-092506
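== Password storage columns ==
Note: none of the three matches below is a column definition. Two are a commented-out connection-string format in 005_schema_separation.up.sql and one is the identity_type enum, so this section does not show where password hashes are stored.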
/home/administrator/projects/coppertone.tech/backend/migrations/005_schema_separation.up.sql:124:-- "user=%s password=%s dbname=%s host=%s sslmode=%s search_path=%s",
/home/administrator/projects/coppertone.tech/backend/migrations/005_schema_separation.up.sql:125:-- user, password, name, host, sslMode, schema
/home/administrator/projects/coppertone.tech/backend/migrations/001_create_users_and_identities.up.sql:14:CREATE TYPE identity_type AS ENUM ('email_password', 'blockchain_address', 'did');
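== bcrypt/hash usage (password hashing) ==
Note: the payment-service/main.go matches below are the blockchain_tx_hash column name, matched on "hash"; they are not password hashing. The password-hashing matches are the auth-service ones: bcrypt.GenerateFromPassword is called with bcrypt.DefaultCost at main.go:556, :906 and :1296 (hashPassword), so the cost factor is set in three places, and maxPasswordLength = 72 is only effective if it is enforced on the byte length of the password (not visible in these matches).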
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:483: due_date, issued_date, paid_date, blockchain_tx_hash, ipfs_document_cid,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:492: due_date, issued_date, paid_date, blockchain_tx_hash, ipfs_document_cid,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:502: due_date, issued_date, paid_date, blockchain_tx_hash, ipfs_document_cid,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:591: due_date, issued_date, paid_date, blockchain_tx_hash, ipfs_document_cid,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:650: blockchain_tx_hash = $10, ipfs_document_cid = $11, notes = $12
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:754: blockchain_tx_hash, blockchain_network, payment_processor, processor_fee,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:763: blockchain_tx_hash, blockchain_network, payment_processor, processor_fee,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:788: blockchain_tx_hash, blockchain_network, payment_processor, processor_fee,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:798: p.blockchain_tx_hash, p.blockchain_network, p.payment_processor, p.processor_fee,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:862: transaction_id, blockchain_tx_hash, blockchain_network,
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:887: blockchain_tx_hash, blockchain_network, payment_processor, processor_fee,
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:77: // Test hashing
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:78: hashed, err := hashPassword(password)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:80: t.Fatalf("hashPassword() error = %v", err)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:83: if hashed == "" {
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:84: t.Error("hashPassword() returned empty string")
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:87: if hashed == password {
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:88: t.Error("hashPassword() did not hash the password")
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:92: if !checkPasswordHash(password, hashed) {
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:97: if checkPasswordHash("wrongPassword", hashed) {
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:23: "golang.org/x/crypto/bcrypt"
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:160: maxPasswordLength = 72 // bcrypt limit
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:556: passwordHash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:558: http.Error(w, "Failed to hash password", http.StatusInternalServerError)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:785: if err := bcrypt.CompareHashAndPassword([]byte(passwordHash), []byte(req.Password)); err != nil {
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:906: passwordHash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:908: http.Error(w, "Failed to hash password", http.StatusInternalServerError)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1295:func hashPassword(password string) (string, error) {
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1296: hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1300: return string(hash), nil
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1303:func checkPasswordHash(password, hash string) bool {
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1304: return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil
== Encryption columns ==
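No encryption found
Note: this means the encryption search returned no matches; it does not by itself show whether storage-level or transport-level encryption is in place. Taken with the next section, the email and ip_address columns listed there have no column-level encryption in these matches.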
== PII columns (email, phone, address, ssn) ==
/home/administrator/projects/coppertone.tech/backend/migrations/001_create_users_and_identities.up.sql:5: email VARCHAR(255) UNIQUE, -- Nullable for blockchain-only users
/home/administrator/projects/coppertone.tech/backend/migrations/001_create_users_and_identities.up.sql:10:-- Create index on email for faster lookups
/home/administrator/projects/coppertone.tech/backend/migrations/001_create_users_and_identities.up.sql:11:CREATE INDEX idx_users_email ON users(email) WHERE email IS NOT NULL;
/home/administrator/projects/coppertone.tech/backend/migrations/001_create_users_and_identities.up.sql:14:CREATE TYPE identity_type AS ENUM ('email_password', 'blockchain_address', 'did');
/home/administrator/projects/coppertone.tech/backend/migrations/001_create_users_and_identities.up.sql:21: identifier VARCHAR(500) NOT NULL, -- Email, blockchain address, or DID
/home/administrator/projects/coppertone.tech/backend/migrations/004_approval_workflow_and_audit.up.sql:73: user_email VARCHAR(255), -- Denormalized for when user is deleted
/home/administrator/projects/coppertone.tech/backend/migrations/004_approval_workflow_and_audit.up.sql:77: ip_address INET,
/home/administrator/projects/coppertone.tech/backend/migrations/004_approval_workflow_and_audit.up.sql:198: req.email AS requester_email,
/home/administrator/projects/coppertone.tech/backend/migrations/004_approval_workflow_and_audit.up.sql:201: cli.email AS client_email,