search

alexhrao / TheGiftHub

An app where users can list what gifts they want, and can reserve gifts for others.
https://www.thegifthub.org
1 stars 0 forks source link

Insecure user tracking #28

Closed alexhrao closed 7 years ago

alexhrao commented 7 years ago

All someone needs to login is the UserID; it uses that from the cookie. We need a cryptographically secure method. Perhaps Password Hash could be handy here?

alexhrao commented 7 years ago

Used PasswordHash