esfdk
commented
12 years ago That would some things simpler for det client. Currently we handle the password salting in a poor, roundabout way.
Closed NiklasHansen closed 12 years ago
esfdk
commented
12 years ago That would some things simpler for det client. Currently we handle the password salting in a poor, roundabout way.
I would suggest that the user of the service only needs to input values to be changed, instead of inputting every single value (including those that shouldn't be changed).
One of the current problems is that the password will be re-salted and re-hashed every time. So if you don't send the real, un-hashed password every time you want to edit, the password will be changed.