Stop leaking password-reset tokens through email/logging fallbacks #7

Open
opened 2026-03-10 14:40:54 +03:00 by sirily · 0 comments

Problem
apps/web/src/main.ts constructs reset URLs with live tokens, and packages/providers/src/email.ts logs full outbound email bodies in both the example and fallback transports.

Why this matters
Password-reset tokens become visible in application logs, which is a direct credential-recovery leak.

Acceptance criteria

  • Reset tokens are never written to logs.
  • Provider fallback behavior fails closed or uses a safe debug mode that redacts secrets.
  • Document how password-reset email delivery is safely handled in non-production environments.
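The following is an added TypeScript example of what the acceptance criteria look like in code. It is not nroxy's own email.ts or main.ts; the names (OutboundEmail, EmailTransport, redactSecrets, redactingLogger, buildResetUrl, createFallbackTransport) and the sample token are assumed for illustration. It redacts token values before anything reaches a log sink, and the no-provider fallback fails closed in production or whenever no explicit debug sink is supplied.

```typescript
// Added example, not nroxy's code. Names and the sample token are constructed
// for this illustration; adapt SECRET_PARAMS to the real reset-link format.

export interface OutboundEmail {
  to: string;
  subject: string;
  body: string;
}

export interface EmailTransport {
  send(mail: OutboundEmail): Promise<void>;
}

// Query parameters whose values are secrets (assumed list; extend as needed).
const SECRET_PARAMS = ["token", "reset_token", "code", "otp"];

// Replace secret parameter values in URLs, then any bare 32+ character
// URL-safe run (a token pasted outside a URL), with a fixed marker.
// Deliberately conservative: over-redacting a log line is cheaper than leaking.
export function redactSecrets(text: string): string {
  let out = text;
  for (const name of SECRET_PARAMS) {
    const re = new RegExp(`([?&;]${name}=)[^&\\s"'<>]+`, "gi");
    out = out.replace(re, "$1[REDACTED]");
  }
  return out.replace(/\b[A-Za-z0-9_-]{32,}\b/g, "[REDACTED]");
}

// Wrap any log sink so every line is redacted before it is written.
export function redactingLogger(sink: (line: string) => void): (line: string) => void {
  return (line) => sink(redactSecrets(line));
}

// The reset URL itself still carries the live token; only logging of it is forbidden.
export function buildResetUrl(baseUrl: string, token: string): string {
  const url = new URL("/reset", baseUrl);
  url.searchParams.set("token", token);
  return url.toString();
}

export type FallbackMode = "fail-closed" | "debug-redacted";

// Production, or any environment without an explicit debug sink, fails closed.
export function chooseFallbackMode(env: string, debugLog?: (line: string) => void): FallbackMode {
  return env === "production" || !debugLog ? "fail-closed" : "debug-redacted";
}

// The only lines a debug transport may emit: redacted subject and body, never the raw mail.
export function renderDebugLines(mail: OutboundEmail): string[] {
  return [
    `[debug-mail] to=${mail.to} subject=${JSON.stringify(redactSecrets(mail.subject))}`,
    `[debug-mail] body=${JSON.stringify(redactSecrets(mail.body))}`,
  ];
}

export class DeliveryNotConfiguredError extends Error {}

// Fallback used when no real provider is configured. It never logs the raw body.
export function createFallbackTransport(env: string, debugLog?: (line: string) => void): EmailTransport {
  if (chooseFallbackMode(env, debugLog) === "fail-closed" || debugLog === undefined) {
    return {
      async send(mail) {
        // Fail closed: a configuration error, not a printed email.
        throw new DeliveryNotConfiguredError(`no email provider configured; not delivering "${mail.subject}"`);
      },
    };
  }
  const log = redactingLogger(debugLog); // defence in depth even if the caller's sink is careless
  return {
    async send(mail) {
      for (const line of renderDebugLines(mail)) log(line);
    },
  };
}

// Constructed sample token (not a real credential) for the sample mail below.
export const SAMPLE_TOKEN = "f3a9c2e1b7d4a6f8e0c1b2a3d4e5f6a7b8c9d0e1f2a3b4c5";

export function sampleResetMail(): OutboundEmail {
  return {
    to: "user@example.test",
    subject: "Reset your password",
    body: `Reset your password: ${buildResetUrl("https://app.example", SAMPLE_TOKEN)}\nIgnore this if you did not request it.`,
  };
}
```

In non-production, pass a debug sink (`createFallbackTransport("development", console.log)`) to get the redacted copy; omit it, or set the environment to production, and `send()` rejects with DeliveryNotConfiguredError so a missing provider is noticed at the first reset attempt rather than discovered in the logs.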
Reference: sirily/nroxy#7