diff options
| author | 0livd <github@destras.fr> | 2017-10-23 23:03:44 +0200 |
|---|---|---|
| committer | Alexis Metaireau <alexis@notmyidea.org> | 2017-10-23 23:03:44 +0200 |
| commit | 293735eca715c7cc5221e551e5eb41f92b6abd0f (patch) | |
| tree | 187cc016fc0ad541c19ea42457286287237d329c /CHANGELOG.rst | |
| parent | 74e9af59e6401ea0f83e850019c6f461c63bac31 (diff) | |
| download | ihatemoney-mirror-293735eca715c7cc5221e551e5eb41f92b6abd0f.zip ihatemoney-mirror-293735eca715c7cc5221e551e5eb41f92b6abd0f.tar.gz ihatemoney-mirror-293735eca715c7cc5221e551e5eb41f92b6abd0f.tar.bz2 | |
Make authentication logic simpler and safer (#270)
* Fixed exposed password in session
The project password was set in clear text
in the session cookie. The cookie payload is
only base64 encoded so it must not be used to
store private information. The password is
simply replaced by a boolean.
* Simplify authentication logic
Diffstat (limited to 'CHANGELOG.rst')
| -rw-r--r-- | CHANGELOG.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 27c6cbd..c2dba84 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -17,6 +17,7 @@ Changed ======= - Logged admin can see any project (#262) +- Simpler and safer authentication logic (#270) - Better install doc (#275) Added |