You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Maybe it is intended, but I think it is a problem to let user set his password to an empty string without even warning. In my app, I do not let him do it, so when he sends an empty password, the document do not validate. The implementation is very basic, based on the idea that if a empty password is passed, the schema do not set hashed_password. Something like this:
schema.virtual('password')
.set(function (password) {
if (password.trim().length) { // this line is new
this._password = password;
this.salt = this.makeSalt();
this.hashed_password = this.encryptPassword(password);
} // and this one, also
})
.get(function() {
return this._password;
});
The text was updated successfully, but these errors were encountered:
Maybe it is intended, but I think it is a problem to let user set his password to an empty string without even warning. In my app, I do not let him do it, so when he sends an empty password, the document do not validate. The implementation is very basic, based on the idea that if a empty password is passed, the schema do not set hashed_password. Something like this:
schema.virtual('password')
.set(function (password) {
if (password.trim().length) { // this line is new
this._password = password;
this.salt = this.makeSalt();
this.hashed_password = this.encryptPassword(password);
} // and this one, also
})
.get(function() {
return this._password;
});
The text was updated successfully, but these errors were encountered: