From 8c2b8c352f8c980c79bb4bb4772e8cbc02d14164 Mon Sep 17 00:00:00 2001
From: Peter Stone
Date: Mon, 26 Jan 2026 07:03:53 -1000
Subject: Phase 3: Error handling and security hardening

- Handle JSON marshal errors in sqlite.go (log + fallback to empty array)
- Add 30s timeout to Google Calendar client initialization
- Fix CSRF timing attack by using subtle.ConstantTimeCompare

Co-Authored-By: Claude Opus 4.5
---
 internal/auth/middleware.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'internal/auth')

diff --git a/internal/auth/middleware.go b/internal/auth/middleware.go
index b440032..ecdde82 100644
--- a/internal/auth/middleware.go
+++ b/internal/auth/middleware.go
@@ -3,6 +3,7 @@ package auth
 import (
 	"context"
 	"crypto/rand"
+	"crypto/subtle"
 	"encoding/base64"
 	"net/http"
 
@@ -82,7 +83,8 @@ func (m *Middleware) CSRFProtect(next http.Handler) http.Handler {
 			requestToken = r.FormValue("csrf_token")
 		}
 
-		if requestToken == "" || requestToken != token {
+		// Use constant-time comparison to prevent timing attacks
+		if requestToken == "" || subtle.ConstantTimeCompare([]byte(requestToken), []byte(token)) != 1 {
 			http.Error(w, "Forbidden - CSRF Token Mismatch", http.StatusForbidden)
 			return
 		}
-- 
cgit v1.2.3
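Review bot: The new comment on the CSRFProtect comparison overstates what subtle.ConstantTimeCompare guarantees: it returns 0 immediately when the two byte slices differ in length, so the comparison is constant-time only for equal-length inputs. That is acceptable if the server-side token always has a fixed length (the crypto/rand and encoding/base64 imports suggest a fixed-size random token, but its generation and the origin of `token` are outside this hunk, so this is inferred), and the comment should say so rather than leave a future maintainer assuming full constant-time behaviour for arbitrary inputs: `// Constant-time compare to avoid leaking token bytes via timing; note ConstantTimeCompare short-circuits on a length mismatch, which is fine because server tokens have a fixed length`. The `requestToken == ""` guard is redundant with the compare (an empty request token can never match a non-empty server token) but harmless, and worth keeping only as an explicit early rejection. The enclosing CSRFProtect function begins and ends outside the hunk.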