selfhosted
/
coder
mirror of https://github.com/coder/coder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
6,933 Commits 177 Branches 180 Tags 281 MiB
Commit Graph

7 Commits

Author SHA1 Message Date
Ammar Bandukwala 0d9010e150
chore: fix 30% startup time hit from userpassword (#12769) 
pbkdf2 is too expensive to run in init, so this change makes it load
lazily. I introduced a lazy package that I hope to use more in my
`GODEBUG=inittrace=1` adventure.


Benchmark results:

```
$ hyperfine "coder --help" "coder-new --help"
Benchmark 1: coder --help
  Time (mean ± σ):      82.1 ms ±   3.8 ms    [User: 93.3 ms, System: 30.4 ms]
  Range (min … max):    72.2 ms …  90.7 ms    35 runs
 
Benchmark 2: coder-new --help
  Time (mean ± σ):      52.0 ms ±   4.3 ms    [User: 62.4 ms, System: 30.8 ms]
  Range (min … max):    41.9 ms …  62.2 ms    52 runs
 
Summary
  coder-new --help ran
    1.58 ± 0.15 times faster than coder --help
```
 2024-03-26 20:47:14 -05:00
Kyle Carberry 2ed0eafd75
feat: add minimum password entropy requirements (#6090) 
* feat: add minimum password entropy requirements

* Fix all the tests

* Fix E2E tests
 2023-02-08 14:10:08 -06:00
Garrett Delfosse 24d1a6744a
fix: Add route for user to change own password (#1812) 2022-05-27 17:29:55 +00:00
Colin Adler 1661588bd1
fix: user passwords cleanup (#1202) 
1. Adds benchmarks comparing bcrypt and our pbkdf2 settings
1. Changes the pbkdf2 hash iterations back to 65k. 1024 is insecure
1. Gets rid of the short circuit when the user isn't found, preventing
   timing attacks which can reveal which emails exist on a deployment

```
$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/coder/coder/coderd/userpassword
cpu: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
BenchmarkBcryptMinCost-16        	    1651	    702727 ns/op	    5165 B/op      10 allocs/op
BenchmarkPbkdf2MinCost-16        	    1669	    714843 ns/op	     804 B/op      10 allocs/op
BenchmarkBcryptDefaultCost-16    	      27	  42676316 ns/op	    5246 B/op      10 allocs/op
BenchmarkPbkdf2-16               	      26	  45902236 ns/op	     804 B/op      10 allocs/op
PASS
ok  	github.com/coder/coder/coderd/userpassword	5.036s
```
 2022-04-28 18:22:38 +00:00
Kyle Carberry 02ad3f14f5
chore: Rename Projects to Templates (#880) 
Customer feedback indicated projects was a confusing name.
After querying the team internally, it seemed unanimous
that it is indeed a confusing name.

Here's for a lil less confusion @ashmeer7 🥂
 2022-04-06 12:42:40 -05:00
Kyle Carberry 2654a93132
chore: Fix golangci-lint configuration and patch errors (#34) 
* chore: Fix golangci-lint configuration and patch errors

Due to misconfiguration of a linting rules directory, our linter has not been
working properly. This change fixes the configuration issue, and all remaining
linting errors.

* Fix race in peer logging

* Fix race and return

* Lock on bufferred amount low

* Fix mutex lock
 2022-01-20 10:00:13 -06:00
Kyle Carberry 6a919aea79
feat: Add authentication and personal user endpoint (#29) 
* feat: Add authentication and personal user endpoint

This contribution adds a lot of scaffolding for the database fake
and testability of coderd.

A new endpoint "/user" is added to return the currently authenticated
user to the requester.

* Use TestMain to catch leak instead

* Add userpassword package

* Add WIP

* Add user auth

* Fix test

* Add comments

* Fix login response

* Fix order

* Fix generated code

* Update httpapi/httpapi.go

Co-authored-by: Bryan <bryan@coder.com>

Co-authored-by: Bryan <bryan@coder.com>
 2022-01-20 13:46:51 +00:00