Closed cskeogh closed 4 years ago
Warning when compiling the front end of hcp (not a major issue since we don't seem to be building the hcp front end through GitHub Action)
Thank you, now fixed.
Can't register more than 1 account (not a major issue since we only need 1 account for the demo anyway). If there is an existing account the following error will be received.
This shouldn't happen. This PR has changed the database schema (HCPUser). Can you delete your hcpusers
table in Mongo Compass and try again?
incorrectPasswordAttempt did not reset upon successful login
Thank you, fixed.
a newly created hcp account had their "locked" attribute set to "true" as default.
This is a security feature to prevent an attacker stealing a HCP's computer and immediately registering an account. This pull request's README.md states:
and I wrote in the pull request:
After registering, HCP accounts are locked awaiting vetting from the Slowvid administrators.
Implement future enhancements from PR #88.
After registering, HCP accounts are locked awaiting vetting from the Slowvid administrators. To unlock account, use MongoDB Compass to set
locked
tofalse
.Lock accounts with too many incorrect password attempts. This is a security feature to mitigate against a brute force attack on the password.
Implement minimum password requirements.
Closes #91