
Security Onboarding Checklist — Lantern

Use this checklist to onboard developers and vendors securely.

  • [ ] 2FA/MFA enabled on GitHub and admin consoles
  • [ ] Access granted via least-privilege roles; request through an access ticket
  • [ ] Developer has completed security training / read the security docs
  • [ ] Secrets: no local secrets or service account keys stored in repo
  • [ ] Developer set up with PR process that includes SAST/SCA checks
  • [ ] Developer invited to incident Slack channel and informed of on-call rotation

Admin Authentication Architecture

Important: Admin portal authentication is separate from the Lantern app passphrase.

Why Separate Authentication?

The Lantern app uses the user's passphrase for two purposes:

  1. Firebase Auth password (authentication)
  2. Encryption key derivation (zero-knowledge encryption)

If an admin reset their password through Firebase Auth, it would break their Lantern app encryption: the old salt combined with the new password derives the wrong key.

Solution: Separate Admin Password

  • Admin accounts have a separate adminPasswordHash in the adminProfiles collection
  • Admin portal login verifies against this hash via a Cloud Function (signInAdmin)
  • The function returns a custom Firebase token for session management
  • Resetting admin password does NOT affect Lantern app encryption

For New Admins

  1. Admin account is created by existing admin
  2. New admin receives email with setup link
  3. Link goes to ?mode=adminReset&token=xxx
  4. Admin sets their admin portal password (separate from Lantern passphrase)
  5. If they also use Lantern app, they keep their original passphrase for that

Password Reset

  • Admin "Forgot Password" uses requestAdminPasswordReset Cloud Function
  • Generates a token stored in adminPasswordResetTokens collection
  • Token valid for 24 hours, single-use
  • Does NOT use Firebase Auth sendPasswordResetEmail
  • firebase-functions/modules/adminAuth.js - Cloud Functions for admin auth
  • admin/src/components/SetAdminPassword.jsx - Admin password setup UI
  • admin/src/firebase.js - signInWithAdminPassword() function
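
The token rules in the Password Reset list (24-hour validity, single use) can be sketched in Node.js as follows. This is an added example, not Lantern's own code: an in-memory Map stands in for the adminPasswordResetTokens collection, and the function names, the record fields, and the choice to store only a SHA-256 hash of the token are assumptions.

```javascript
// Added example: in-memory stand-in for the adminPasswordResetTokens collection.
const nodeCrypto = require('node:crypto');

const TOKEN_TTL_MS = 24 * 60 * 60 * 1000; // "valid for 24 hours", per the page

// Assumed record shape: SHA-256(token) hex -> { adminId, expiresAt, used }
const resetTokens = new Map();

// Only the hash is stored (assumption), so a read of the collection
// does not yield tokens that can be redeemed.
const hashToken = (token) =>
  nodeCrypto.createHash('sha256').update(token).digest('hex');

// Issue a token for the setup/reset link (?mode=adminReset&token=...).
function issueResetToken(adminId, now = Date.now()) {
  const token = nodeCrypto.randomBytes(32).toString('base64url'); // 256 bits from the CSPRNG
  resetTokens.set(hashToken(token), {
    adminId,
    expiresAt: now + TOKEN_TTL_MS,
    used: false,
  });
  return token; // the raw value goes only into the emailed link
}

// Redeem a token: returns the adminId exactly once, or null when the
// token is unknown, expired, or already used.
function redeemResetToken(token, now = Date.now()) {
  if (typeof token !== 'string' || token.length === 0) return null;
  const key = hashToken(token);
  const record = resetTokens.get(key);
  if (!record || record.used) return null;
  if (now >= record.expiresAt) {
    resetTokens.delete(key); // expired tokens are dropped, never revived
    return null;
  }
  record.used = true; // mark as used before the password change runs
  return record.adminId;
}

// Constructed demo: the first redemption succeeds, the replay is rejected.
const demoToken = issueResetToken('admin-demo');
console.log(redeemResetToken(demoToken));
console.log(redeemResetToken(demoToken));
```

Against a real datastore, the lookup and the used-flag update need to run in one transaction so that two concurrent requests cannot both redeem the same token.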

Add this checklist to the onboarding flow and require sign-off by a security reviewer for new contributors to production infrastructure.
