fix: add maxmem to scrypt params (128MB)

Node's OpenSSL defaults to 32MB scrypt memory limit but N=65536/r=8/p=1 needs ~64MB. Adds maxmem: 128*1024*1024 to all 5 services' hash and verify functions.
2026-03-03 05:11:37 +00:00
parent e16f322869
commit 1d068c3f75
5 changed files with 10 additions and 10 deletions
--- a/products/05-aws-cost-anomaly/src/auth/middleware.ts
+++ b/products/05-aws-cost-anomaly/src/auth/middleware.ts
@@ -96,7 +96,7 @@ export function signToken(payload: AuthPayload, secret: string, expiresIn = '24h
 async function hashPassword(password: string): Promise<string> {
  const salt = crypto.randomBytes(16).toString('hex');
  return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
      if (err) reject(err);
      resolve(`${salt}:${derived.toString('hex')}`);
    });
@@ -106,7 +106,7 @@ async function hashPassword(password: string): Promise<string> {
 async function verifyPassword(password: string, hash: string): Promise<boolean> {
  const [salt, key] = hash.split(':');
  return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
      if (err) reject(err);
      resolve(crypto.timingSafeEqual(Buffer.from(key, 'hex'), derived));
    });