What happens when session_auth_hash is empty? #212
-
I want to migrate to axum-login, however my users does not have access_tokens stored at this time. Adding the referred code as a snippet!
|
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
In the multi-auth example, that's an unreachable branch (users always have passwords). For clarity, it would probably be better to update the example to panic instead of returning an empty array (which only there to satisfy the compiler). For security reasons, you should never use an empty array as the auth hash value. |
Beta Was this translation helpful? Give feedback.
In the multi-auth example, that's an unreachable branch (users always have passwords).
For clarity, it would probably be better to update the example to panic instead of returning an empty array (which only there to satisfy the compiler).
For security reasons, you should never use an empty array as the auth hash value.