gitadmin/ArchiTools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

3.14 Password Vault encryption AES-256-GCM server-side

Browse Source 
- Created src/core/crypto/ with AES-256-GCM encrypt/decrypt (PBKDF2 key derivation)
- Created /api/vault route: CRUD with server-side password encryption
- PATCH /api/vault migration endpoint to re-encrypt legacy plaintext passwords
- Rewrote use-vault hook to use dedicated /api/vault instead of generic storage
- Updated UI: amber 'not encrypted' warning  green 'encrypted' badge
- Added ENCRYPTION_SECRET env var to docker-compose.yml and stack.env
- Module version bumped to 0.2.0
This commit is contained in:
AI Assistant
2026-02-28 04:12:44 +02:00
parent f0b3659247
commit 85bdb59da4
10 changed files with 366 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files
stack.env
+3
View File
@@ -23,3 +23,6 @@ NEXTAUTH_SECRET="8IL9Kpipj0EZwZPNvekbNRPhV6a2/UY4cGVzE3n0pUY="
AUTHENTIK_CLIENT_ID="V59GMiYle87yd9VZOgUmdSmzYQALqNsKVAUR6QMi"
AUTHENTIK_CLIENT_SECRET="TMeewkusUro0hQ2DMwS0Z5lNpNMdmziO9WXywNAGlK3Y6Y8HYULZBEtMtm53lioIkszWbpPRQcv1cxHMtwftMvsaSnbliDsL1f707wmUJhMFKjeZ0ypIFKFG4dJkp7Jr"
AUTHENTIK_ISSUER="https://auth.beletage.ro/application/o/architools/"
# Vault encryption (AES-256-GCM)
ENCRYPTION_SECRET="ArchiTools-Vault-2025!SecureKey@AES256"