sneak/upaas
1
0
Fork 0
Code Issues 6 Pull Requests 6 Actions Packages Projects Releases 1 Wiki Activity

feat: add API token authentication (closes #87) #94

Closed
clawbot wants to merge 4 commits from feature/api-token-auth into main
pull from: feature/api-token-auth
merge into: sneak:main
Conversation 6 Commits 4 Files Changed 21 +1 -1
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit a891fb2489 - Show all commits

2
internal/models/api_token.go
View File

@@ -15,7 +15,7 @@ import (
) )
// tokenRandomBytes is the number of random bytes for token generation. // tokenRandomBytes is the number of random bytes for token generation.
const tokenRandomBytes = 16 const tokenRandomBytes = 32
clawbot commented 2026-02-19 22:50:06 +01:00
Outdated
Review
Copy Link

16 random bytes = 128 bits of entropy. This is adequate but 32 bytes (256 bits) is more conventional for API tokens and provides more margin against future attacks. Low priority.

16 random bytes = 128 bits of entropy. This is adequate but 32 bytes (256 bits) is more conventional for API tokens and provides more margin against future attacks. Low priority.
// tokenPrefix is prepended to generated API tokens. // tokenPrefix is prepended to generated API tokens.
const tokenPrefix = "upaas_" const tokenPrefix = "upaas_"