- Remove the early-return branch that skipped HMAC verification for unsigned tokens
- Raise ValueError if the signature separator is absent
- Update unwrap_session_token docstring to reflect mandatory signing requirement
- Add comprehensive session token signing documentation to Backend-Development.md
- Document the session token format, signing/verification pattern, and security rationale

All tokens must now carry a valid HMAC-SHA256 signature. Tokens without a signature are rejected immediately. This removes the vulnerability where an attacker with database access could bypass the HMAC layer by using raw tokens.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
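The behaviour change described in the commit message above, as an added example that is not the project's code: an unwrap routine with the early-return branch beside one that requires a signature on every token. The `.` separator, the hex tag encoding, the demo key and the helper names `sign_session_token`, `unwrap_legacy`, `unwrap_strict` and `accepts` are assumptions for illustration.

```python
import hashlib
import hmac

SEPARATOR = "."                 # assumed separator; the real token format is not shown on this page
KEY = b"constructed-demo-key"   # constructed key, for this example only


def sign_session_token(raw: str, key: bytes = KEY) -> str:
    """Append a hex HMAC-SHA256 tag to the raw token (hypothetical helper)."""
    tag = hmac.new(key, raw.encode(), hashlib.sha256).hexdigest()
    return f"{raw}{SEPARATOR}{tag}"


def unwrap_strict(token: str, key: bytes = KEY) -> str:
    """'After' behaviour: every token must carry a valid signature."""
    raw, sep, tag = token.rpartition(SEPARATOR)
    if not sep:
        # No separator means no signature: reject instead of trusting the raw value.
        raise ValueError("session token is not signed")
    expected = hmac.new(key, raw.encode(), hashlib.sha256).hexdigest()
    # compare_digest keeps the comparison constant-time.
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        raise ValueError("session token signature mismatch")
    return raw


def unwrap_legacy(token: str, key: bytes = KEY) -> str:
    """'Before' behaviour: an unsigned token skips the HMAC check entirely."""
    if SEPARATOR not in token:
        return token  # early return: the raw token is accepted unverified
    return unwrap_strict(token, key)


def accepts(unwrap, token: str) -> bool:
    """Report whether the given unwrap function accepts the token."""
    try:
        unwrap(token)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    raw = "a3f1c9d2e4"  # constructed raw token, as it might sit in a database row
    print("legacy accepts raw token:", accepts(unwrap_legacy, raw))
    print("strict accepts raw token:", accepts(unwrap_strict, raw))
    print("strict accepts signed token:", accepts(unwrap_strict, sign_session_token(raw)))
```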
6.3 KiB