Merge pull request #1100 from gchq/feature/improved-tokens

Improve token generation and verification
gchq · Feb 21, 2024 · f92379b · f92379b
2 parents dc4743f + a2c5074
commit f92379b
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/backend/src/models/v2/Token.ts b/backend/src/models/v2/Token.ts
@@ -67,7 +67,7 @@ TokenSchema.pre('save', function userPreSave(next) {
     return
   }
 
-  bcrypt.hash(this.secretKey, 10, (err: Error | undefined, hash: string) => {
+  bcrypt.hash(this.secretKey, 8, (err: Error | undefined, hash: string) => {
     if (err) {
       next(err)
       return

diff --git a/backend/src/services/v2/token.ts b/backend/src/services/v2/token.ts
@@ -1,4 +1,4 @@
-import { nanoid } from 'nanoid'
+import { customAlphabet } from 'nanoid'
 
 import { TokenActionsKeys, TokenDoc, TokenScopeKeys } from '../../models/v2/Token.js'
 import Token from '../../models/v2/Token.js'
@@ -13,9 +13,11 @@ interface CreateTokenProps {
   modelIds: Array<string>
   actions: Array<TokenActionsKeys>
 }
+
+const nanoid = customAlphabet('0123456789ABCDEFGHIJKLMNOPQSRTUVWXYZ')
 export async function createToken(user: UserDoc, { description, scope, modelIds, actions }: CreateTokenProps) {
-  const accessKey = nanoid(10)
-  const secretKey = nanoid()
+  const accessKey = `BAC_${nanoid(8)}`
+  const secretKey = `BSK_${nanoid(12)}`
 
   if (scope === 'models') {
     // Checks to make sure the models are valid