-
Notifications
You must be signed in to change notification settings - Fork 2
Security Issues
Christopher Innaco edited this page Dec 6, 2018
·
4 revisions
There are some issues with the current security of the website that need to be fixed before publication. All known issues should be posted here so that they can be documented and resolved.
- Tokens used for Forgot password and email verification do not expire or get cleaned up
- Login attempts are not monitored or limited
- SSL connection between web application and the databases is needed.
pg-promiseis able to support this. - Workshop specific concerns can be found here