Skip to content

Review & Improve Security #85

Description

@type1fool

Requirements

  • Ensure session tokens are not stored in plaintext
  • Ensure expired tokens are removed
  • Ensure singular session tokens can be invalidated
  • Improve session cookies
  • Mitigate token expiration timing issue
  • Review CSRF protections

Context

@houlette was kind enough to review the package and provide detailed feedback in PR 50.

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
Todo

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions