This is a bounty to fix a specific security bug in a `registerUser` function where the user ID returned and the JWT subject can mismatch due to separate `Date.now()` calls. The fix involves generating the ID once and ensuring consistency, along with adding a regression test. The scope is very narrow and clearly defined within `authService.js`.
A starter prompt for Claude Code, what you'll need, and how to reach them.
You are an expert full-stack developer. Your task is to fix a security bug in a Node.js API and add a regression test. The bug is that `registerUser()` in `apps/api/src/services/authService.js` currently uses two separate `Date.now()` calls for the returned user `id` and the JWT `sub` claim. This can lead to a mismatch if time advances between calls. Implement a fix to ensure a single user ID is generated and used consistently for both the returned ID and the JWT `sub`. Develop a regression test within the existing API service test suite that explicitly forces the timestamp to advance between the ID generation and token signing, and then verifies that the JWT `sub` matches the user `id` returned by the registration API. The project uses standard Node.js, Express, and JWT. You can mock `Date.now()` for testing. Provide only the modified `authService.js` and the new/modified test file, along with instructions on how to run the new test.
Standard for any GitHub-based project.
Bounty (amount on the issue).

## Bug

`registerUser()` currently builds the returned `id` and the JWT `sub` with two separate `Date.now()` calls. If time advances between those calls, the API can return one user id while signing an access token for a different subject. Downstream authenticated requests would then identify a different user than the one returned by registration.

## Expected fix

Generate the new user id once, return that id, and sign the access token with the same id as `sub`. Add a regression test that forces the timestamp to advance between calls and verifies the token subject matches the returned id.

## Scope

This issue is limited to the registration response/token subject mismatch in `apps/api/src/services/authService.js` plus focused API service test coverage. This issue is limited only to the creator of this issue. This means that only the issue author can attempt to solve this issue. If you would like to work on it, please create another issue with the same contents and refer to issue #743 for more information. References #743.
Standard for JavaScript/TypeScript development.
Understanding token structure and claims is standard.
Specific technique for testing time-sensitive logic - ~1-2 hours of research/practice.
Comment on GitHub issue #2845 in the `SecureBananaLabs/bug-bounty` repository.
“I've reviewed issue #2845 and have a clear understanding of the `registerUser` bug and the required fix, including implementing a regression test for the timestamp advancement. I've already forked the repo and have a working local environment. I can deliver a PR with the fix and tests by [specific date/time].”