This meeting involved the State Changers fixing an issue with the sign-up process in a database. They encountered a mistake where the user table stored passwords as plain text. Resolving this involved changing the datatype in the user table from text to password. This transformed the way passwords were stored, securing it further by minimizing the chance for a brute force attack, even if the password was hashed.
Next, they tested the sign-up flow. This test consisted of signing up, logging in with the new account, and verifying that the account operates as expected. Part of this process involved generating and validating an auth token, enabling the user to authenticate actions securely. The State Changers cautioned that the token should start with 'e y' but otherwise didn't require deep understanding of underlying structures. Finally, the State Changers discussed the function 'auth me', an authenticated endpoint. They emphasized the importance of implementing an auth token in the function, a process that required user selection and authentication with the help of a tool represented by a blue magnifying glass icon. The State Changers removed the password from the output for added security and advised monitoring the get record from user line for further adjustments if needed. The meeting was a mix of problem-solving, testing, and implementing security measures in a database system. Their discussions might be beneficial for those interested in user authentication, database management, and application security.
(Source: Office Hours 12/12 )
Join State Change Risk-Free