ricardocarva / MortiSmart

https://mortismart.netlify.app/
Apache License 2.0

[Security Hotspots] Review this potentially hardcoded credential. #31

Closed ricardocarva closed 11 months ago

ricardocarva commented 11 months ago

On File config/passport.js Line 56

Review this potentially hardcoded credential.

See https://sonarcloud.io/project/security_hotspots?id=ricardocarva_MortiSmart&hotspots=AYw2sjNRvs-zeIUQTJiq for more details

ricardocarva commented 11 months ago

The specified usernameField and passwordField values in the code snippet don't represent actual login credentials; they are simply field names expected in the request body during the authentication process. Attempting to use arbitrary values in these fields for login won't be successful, as they are not hardcoded credentials that grant access. The authentication logic is designed to check the user's provided email and password against existing records in the database, and without a valid match, login attempts will fail.
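
The distinction discussed in this issue, as an added example that is not part of the thread and is not the project's `config/passport.js`: an options object of the shape the hotspot flagged, next to the check that actually decides a login. The field values `'email'` and `'password'`, the in-memory user store, and the functions `authenticate` and `literalGrantsAccess` are assumptions made for illustration.

```javascript
// Added illustration; not code from config/passport.js.
const crypto = require('node:crypto');

// Assumed option values: these strings are request-body key names, not secrets.
const fieldOptions = { usernameField: 'email', passwordField: 'password' };

// Constructed in-memory user store standing in for the database.
function makeUser(email, password) {
  const salt = crypto.randomBytes(16);
  return { email, salt, hash: crypto.scryptSync(password, salt, 32) };
}
const users = [makeUser('alice@example.test', 'constructed-sample-passphrase')];

// Hypothetical stand-in for the strategy's field lookup plus its verify step.
function authenticate(body, options = fieldOptions) {
  const email = body[options.usernameField];
  const password = body[options.passwordField];
  if (typeof email !== 'string' || typeof password !== 'string') return false;
  const user = users.find((u) => u.email === email);
  // Hash even for unknown users so both paths do comparable work.
  const salt = user ? user.salt : Buffer.alloc(16);
  const candidate = crypto.scryptSync(password, salt, 32);
  const expected = user ? user.hash : Buffer.alloc(32);
  const match = crypto.timingSafeEqual(candidate, expected);
  return Boolean(user) && match;
}

// Triage check for the hotspot: submit the flagged literals themselves as
// credentials. A true result would mean the literal really is a secret.
function literalGrantsAccess(options) {
  return authenticate({
    [options.usernameField]: options.usernameField,
    [options.passwordField]: options.passwordField,
  }, options);
}
```

A scanner that matches on key names such as `passwordField` cannot tell a lookup key from a secret, so the review question is whether the literal is ever compared against user input or sent to another system as a credential.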