Project 'gitlab-com/gl-infra/scalability' was moved to 'gitlab-com/gl-infra/observability/team'. Please update any links and bookmarks that may still have the old path.

user.go

7 years ago

d6772117

Add new type of user with password to improve security · d6772117

Steffen Schneider authored 7 years ago

The standard user does not pass around the password anymore.
The newly added user type ("PasswordUser") additionally contains the password of a user. This type should only be used in the store to validate a user when signing in. This approach prevents the password (although it is hashed) from getting out in the far far world.

d6772117

History

Add new type of user with password to improve security

Steffen Schneider authored 7 years ago

The standard user does not pass around the password anymore.
The newly added user type ("PasswordUser") additionally contains the password of a user. This type should only be used in the store to validate a user when signing in. This approach prevents the password (although it is hashed) from getting out in the far far world.