fix: store bearer tokens as SHA-256 hashes instead of plaintext
Hash paired bearer tokens with SHA-256 before storing in config and in-memory. When authenticating, hash the incoming token and compare against stored hashes. Backward compatible: existing plaintext tokens (zc_ prefix) are detected and hashed on load; already-hashed tokens (64-char hex) are stored as-is. Closes #58 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
fettpl
parent
365692853c
commit
b3bfbaff4a
4 changed files with 93 additions and 12 deletions
|
|
@ -366,6 +366,7 @@ impl BrowserTool {
|
|||
}
|
||||
|
||||
#[async_trait]
|
||||
#[allow(clippy::too_many_lines)]
|
||||
impl Tool for BrowserTool {
|
||||
fn name(&self) -> &str {
|
||||
"browser"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue