plan to handle security

hamedpro / freeflow-core

🩵⚡️next generation of decentralised collaboration

3 stars 1 forks source link

Open hamedpro opened 1 year ago

hamedpro commented 1 year ago

there are many things to care in terms of security :

end to end encryption of users files and data, so system itself will not be able to read the transactions or decrypt files.
regular kinds of vulnerability like XSS and ...

hamedpro commented 1 year ago

network protection is already being done here : #41

hamedpro commented 1 year ago

add email changing func and dont forget to verify user before submitting changes (also add more limits to new transaction : for example user can not change his email without verifying that email.)
don't use unauthenticated email or phone number to login through sending a verification code.