Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Make feathers-authentication match security documents #554
This pull request is a simple one that makes the code match the documentation.
Feathers.js documentation currently says HS512 is used for authentication, however, the default
Clearly one or the other is not fully accurate.
This is not reported as a security vulnerability because IMO it doesn't change the security posture of this application too much at this stage. Of course, a much better crypto person than I could say I am completely wrong and there are attacks on the HS256 construct that I am unaware of.
This hasn't been tested aside from changing the values and watching tests pass.