Implement Password Hashing and Verification Service #11
Labels
No labels
CI/CD
MongoDB
PostgreSQL
api
authentication
bug
documentation
duplicate
enhancement
example issue
fix
good first issue
help wanted
high-level requirement
infrastructure
invalid
low-level requirement
medium-level requirement
question
security
test
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
AndreFerreira5/starranja#11
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Create a dedicated service for securely hashing and verifying passwords using
argon2id.Tasks:
password_service.py.hash_password(plain_password).check_password(hashed_password, plain_password).take a look at argon2id, it's the current standard and most secure password hasher. see if it's worth integrating instead of bcrypt
also, we don't use requirements.txt, we are using ub and therefore we work with a pyproject.toml