Open joaoluis-pdm opened 2 years ago
Up to v0.10.5, the passhash algorithm is clear text.
Suggestion to upgrade it to bcrypt hashing algorithm ( https://www.npmjs.com/package/bcrypt or https://github.com/dcodeIO/bcrypt.js to use in-browser )
Possible places to change: https://github.com/PharmaLedger-IMI/ctr-workspace/blob/b9cef06b0fe5ad119e6974531b3a137f671d7c7e/ctr-backoffice-backend/src/auth/auth.service.ts#L31 and https://github.com/PharmaLedger-IMI/ctr-workspace/blob/v0.10.5/ctr-backoffice-backend/src/ctrial/appuser.service.ts#L100
Up to v0.10.5, the passhash algorithm is clear text.
Suggestion to upgrade it to bcrypt hashing algorithm ( https://www.npmjs.com/package/bcrypt or https://github.com/dcodeIO/bcrypt.js to use in-browser )
Possible places to change: https://github.com/PharmaLedger-IMI/ctr-workspace/blob/b9cef06b0fe5ad119e6974531b3a137f671d7c7e/ctr-backoffice-backend/src/auth/auth.service.ts#L31 and https://github.com/PharmaLedger-IMI/ctr-workspace/blob/v0.10.5/ctr-backoffice-backend/src/ctrial/appuser.service.ts#L100