Security Onboarding Checklist — Lantern

Use this checklist to onboard developers and vendors securely.

  • [ ] 2FA/MFA enabled on GitHub and admin consoles
  • [ ] Access granted via least-privilege roles; request through an access ticket
  • [ ] Developer has completed security training / read the security docs
  • [ ] Secrets: no local secrets or service account keys stored in repo
  • [ ] Developer set up with PR process that includes SAST/SCA checks
  • [ ] Developer invited to incident Slack channel and informed of on-call rotation

Admin Authentication Architecture

Important: Admin portal authentication is separate from the Lantern app passphrase.

Why Separate Authentication?

The Lantern app uses the user's passphrase for two purposes:

  1. Firebase Auth password (authentication)
  2. Encryption key derivation (zero-knowledge encryption)

If an admin resets their password through Firebase Auth, it would break their Lantern app encryption (the old salt + new password = wrong key).

Solution: Separate Admin Password

  • Admin accounts have a separate adminPasswordHash in the adminProfiles collection
  • Admin portal login verifies against this hash via a Cloud Function (signInAdmin)
  • The function returns a custom Firebase token for session management
  • Resetting the admin password does NOT affect Lantern app encryption

For New Admins

  1. Admin account is created by an existing admin
  2. New admin receives email with setup link
  3. Link goes to ?mode=adminReset&token=xxx
  4. Admin sets their admin portal password (separate from Lantern passphrase)
  5. If they also use Lantern app, they keep their original passphrase for that

Password Reset

  • Admin "Forgot Password" uses the requestAdminPasswordReset Cloud Function
  • Generates a token stored in the adminPasswordResetTokens collection
  • Token valid for 24 hours, single-use
  • Does NOT use Firebase Auth sendPasswordResetEmail
  • firebase-functions/modules/adminAuth.js - Cloud Functions for admin auth
  • admin/src/components/SetAdminPassword.jsx - Admin password setup UI
  • admin/src/firebase.js - signInWithAdminPassword() function
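
The reset-token rules above (24-hour validity, single use) together with the separate adminPasswordHash, as an added example that is not Lantern's own adminAuth.js code. It assumes in-memory Maps in place of the Firestore collections, scrypt for the password hash, and storing only a SHA-256 of the token; all function names are hypothetical.

```javascript
// Added example: Maps stand in for the adminPasswordResetTokens and
// adminProfiles collections (assumption; the real code uses Firestore).
const crypto = require('crypto');

const TOKEN_TTL_MS = 24 * 60 * 60 * 1000; // page: token valid for 24 hours
const resetTokens = new Map();   // sha256(token) -> { uid, expiresAt, used }
const adminProfiles = new Map(); // uid -> { adminPasswordHash }

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// Assumption: scrypt with a random per-password salt, stored as "salt:hash".
function hashAdminPassword(password, salt = crypto.randomBytes(16).toString('hex')) {
  return `${salt}:${crypto.scryptSync(password, salt, 32).toString('hex')}`;
}

// Constant-time comparison of the recomputed hash against the stored one.
function verifyAdminPassword(password, stored) {
  const [salt, hash] = stored.split(':');
  const candidate = crypto.scryptSync(password, salt, 32);
  return crypto.timingSafeEqual(candidate, Buffer.from(hash, 'hex'));
}

// Issue: only a hash of the token is stored (assumption), so a read of the
// collection does not yield working reset links.
function issueResetToken(uid, now = Date.now()) {
  const token = crypto.randomBytes(32).toString('hex');
  resetTokens.set(sha256(token), { uid, expiresAt: now + TOKEN_TTL_MS, used: false });
  return token; // value placed in the emailed ?mode=adminReset&token=... link
}

// Redeem: reject unknown, used, or expired tokens; burn the token before
// writing the new adminPasswordHash. The app passphrase is never touched.
function redeemResetToken(token, newPassword, now = Date.now()) {
  const record = resetTokens.get(sha256(String(token)));
  if (!record) return { ok: false, reason: 'unknown' };
  if (record.used) return { ok: false, reason: 'used' };
  if (now >= record.expiresAt) return { ok: false, reason: 'expired' };
  record.used = true;
  adminProfiles.set(record.uid, { adminPasswordHash: hashAdminPassword(newPassword) });
  return { ok: true, uid: record.uid };
}
```

Against Firestore, the read, check, and mark-as-used steps need to run inside one transaction so that two concurrent requests cannot both redeem the same token.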

Add this checklist to the onboarding flow and require sign-off by a security reviewer for new contributors to production infrastructure.