You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Just made this comment on another repo and I know you might not have covered this yet. However:
Looks like you're storing passwords in plain text and then just comparing the user input to what you have in the database when the user logs in.
This is pretty bad practice because if someone steals your database they will have all the user passwords. To prevent this you should hash and salt your passwords and never store the actual plain text password, ever.
Just made this comment on another repo and I know you might not have covered this yet. However:
Looks like you're storing passwords in plain text and then just comparing the user input to what you have in the database when the user logs in.
This is pretty bad practice because if someone steals your database they will have all the user passwords. To prevent this you should hash and salt your passwords and never store the actual plain text password, ever.
Don't really expect you to fix this in a couple of hours code review, but maybe check out how this group did it here:
https://github.com/FAC9/the-badgerer/blob/master/src/handlers/loginHandler.js
and here:
https://github.com/FAC9/the-badgerer/blob/master/src/handlers/newUserHandler.js
The text was updated successfully, but these errors were encountered: