Open TCHayes opened 7 years ago
Security: Username/password authentication is functional, but a user can sidestep that process by simply setting a cookie in their browser with the key 'token' and value of whichever username they wish to log in as.
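The pattern reported in this issue, next to one way to close it, as an added example that is not the project's own code. The page does not show the project's stack, so every function name, the key and the token layout here are hypothetical: the server issues an HMAC-signed, expiring token after the password check and rejects any `token` cookie it did not sign.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key (assumption); a real deployment loads it from a secret store.
SECRET = b"constructed-demo-key"


def current_user_vulnerable(cookies):
    # Behaviour described in the issue: the cookie value is trusted as the username.
    return cookies.get("token")


def issue_token(username, ttl=3600, now=None):
    # Call this only after the username/password check has succeeded.
    now = time.time() if now is None else now
    payload = json.dumps({"sub": username, "exp": int(now) + ttl}).encode()
    body = base64.urlsafe_b64encode(payload).decode()
    tag = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + tag


def current_user_hardened(cookies, now=None):
    # Returns the authenticated username, or None if the cookie is not a
    # token this server signed or the token has expired.
    now = time.time() if now is None else now
    body, sep, tag = cookies.get("token", "").rpartition(".")
    if not sep:
        return None  # a bare username has no signature part
    expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison; bytes avoid TypeError on non-ASCII input.
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return None
    try:
        claims = json.loads(base64.urlsafe_b64decode(body))
    except ValueError:
        return None
    if claims.get("exp", 0) < now:
        return None
    return claims.get("sub")
```

Setting the cookie's `HttpOnly` and `Secure` attributes is still worthwhile, but the signature check is what stops a client-chosen value from being accepted as an identity.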