Open Gabriele266 opened 3 years ago
The user config file should not contain the password written in clear mode. When managing the user password, use its sha256 instead of the pure password.
When the user writes a password to do the log-in, calculate the hash and control it with the hash saved into the configuration file. This should avoid hacking. The configuration file (root file) should contain the hashed password instead of the clear password. See https://github.com/Gabriele266/MyOlder/blob/master/my_older/lib/managers/user-file-manager.dart
The user config file should not contain the password written in clear mode. When managing the user password, use its sha256 instead of the pure password.
Authentication
When the user writes a password to do the log-in, calculate the hash and control it with the hash saved into the configuration file. This should avoid hacking. The configuration file (root file) should contain the hashed password instead of the clear password. See https://github.com/Gabriele266/MyOlder/blob/master/my_older/lib/managers/user-file-manager.dart