bookworm-boot

bookworm/bookworm-boot

Fork 0

Commit Graph

Author	SHA1	Message	Date
bookworm	b83c508c22	feat: replace master password auth with time-limited authorization codes Auth codes use format BW-YYYYMMDD-TOKEN (24-hex, 96-bit entropy). Token doubles as the AES-256-CBC decryption key for secrets.enc. Expiry is enforced client-side; format/expiry errors don't consume the 3 valid-attempt quota. - gen-authcode.js: new admin tool — generates BW auth code + re-encrypts secrets.enc - install.ps1: Parse-AuthCode validates format/expiry, Decrypt-Secrets uses token as key - auto-setup.ps1: Show-AuthCodeDialog WinForms input + Parse-AuthCode-GUI loop - Bookworm-Setup.sh: parse_authcode() bash function + while-loop with format/expiry handling Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-06 22:47:04 +08:00

Author

SHA1

Message

Date

bookworm

b83c508c22

feat: replace master password auth with time-limited authorization codes

Auth codes use format BW-YYYYMMDD-TOKEN (24-hex, 96-bit entropy).
Token doubles as the AES-256-CBC decryption key for secrets.enc.
Expiry is enforced client-side; format/expiry errors don't consume
the 3 valid-attempt quota.

- gen-authcode.js: new admin tool — generates BW auth code + re-encrypts secrets.enc
- install.ps1: Parse-AuthCode validates format/expiry, Decrypt-Secrets uses token as key
- auto-setup.ps1: Show-AuthCodeDialog WinForms input + Parse-AuthCode-GUI loop
- Bookworm-Setup.sh: parse_authcode() bash function + while-loop with format/expiry handling

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-06 22:47:04 +08:00

1 Commits