wars2k / booktracker

Selfhosted app for organizing your library and tracking your reading habits.
MIT License
45 stars, 1 fork

Password saved in plain text on the database + minor issues #27

Open ch3p4ll3 opened 11 months ago

ch3p4ll3 commented 11 months ago

Viewing the code, I noticed that the password is saved to the database in plain text without an appropriate hashing algorithm.

Also, it would be more appropriate to use EF Core as the ORM to interface with the DB.

wars2k commented 11 months ago

Thanks for calling this out. Hashing is something I meant to implement but never ended up doing. I'll plan to get it added soon.

EF Core looks really cool. I'm very much a beginner with things like this, but I'll take a closer look and consider using it.

ch3p4ll3 commented 11 months ago

> Thanks for calling this out. Hashing is something I meant to implement but never ended up doing. I'll plan to get it added soon.
>
> EF Core looks really cool. I'm very much a beginner with things like this, but I'll take a closer look and consider using it.

Another nice thing about implementing EF Core + ASP.NET is the ability to use Identity for user/permission management.

Btw, keep it up, it's a very nice app
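
Added example, not part of the issue thread or of booktracker's code: one way to close the plaintext-storage gap reported above, written in C# for .NET 6 or later. The class and method names, the storage format, and the 600,000-iteration work factor are assumptions, and the sample row is constructed.

```csharp
using System;
using System.Security.Cryptography;

// Added example; all names here are hypothetical, not booktracker's.
public static class PasswordHasher
{
    private const string Prefix = "pbkdf2-sha256";
    private const int Iterations = 600_000; // assumed work factor; tune for your hardware
    private const int SaltBytes = 16, HashBytes = 32;

    // Returns "pbkdf2-sha256$<iterations>$<salt b64>$<hash b64>" for storage.
    public static string Hash(string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltBytes); // fresh random salt per password
        byte[] hash = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, HashBytes);
        return string.Join("$", Prefix, Iterations.ToString(), Convert.ToBase64String(salt), Convert.ToBase64String(hash));
    }

    // Format check used by the migration; a separate "is hashed" column is more robust.
    public static bool IsHashed(string stored) =>
        stored.StartsWith(Prefix + "$", StringComparison.Ordinal) && stored.Split('$').Length == 4;

    // Recomputes the hash with the stored salt and iteration count, then compares in constant time.
    public static bool Verify(string password, string stored)
    {
        string[] parts = stored.Split('$');
        if (parts.Length != 4 || parts[0] != Prefix || !int.TryParse(parts[1], out int iterations) || iterations <= 0)
            return false;
        try
        {
            byte[] salt = Convert.FromBase64String(parts[2]);
            byte[] expected = Convert.FromBase64String(parts[3]);
            byte[] actual = Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations, HashAlgorithmName.SHA256, HashBytes);
            return CryptographicOperations.FixedTimeEquals(actual, expected); // false if lengths differ
        }
        catch (FormatException) { return false; } // malformed base64 in the stored value
    }

    // One-time migration step: a legacy plaintext value becomes its hash; hashed values are left alone.
    public static string MigrateStoredValue(string stored) => IsHashed(stored) ? stored : Hash(stored);

    public static void Main()
    {
        string legacyRow = "correct horse battery staple"; // constructed sample of a plaintext row
        string migrated = MigrateStoredValue(legacyRow);
        Console.WriteLine(Verify("correct horse battery staple", migrated));
        Console.WriteLine(Verify("wrong guess", migrated));
        Console.WriteLine(MigrateStoredValue(migrated) == migrated);
    }
}
```

Because the existing rows are plaintext, the migration can run once over the whole user table without waiting for each user to log in; backups and logs that still hold the old values need separate cleanup.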