Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Include password hashing in the "postgres authentication" example. #27

Merged
merged 1 commit into from May 22, 2012

Conversation

Projects
None yet
2 participants
Contributor

shish commented May 22, 2012

This does add a small amount of complexity, but it's complexity that every web developer should be required to understand before releasing their code to the world. (For an example of what happens if you keep tutorials simple and sacrifice quality, look at the amount of SQL injections in PHP code that got copy & pasted from tutorials :P)

@shish shish Include password hashing in the "postgres authentication" example.
This does add a small amount of complexity, but it's complexity that every web developer should be required to understand before releasing their code to the world. (For an example of what happens if you keep tutorials simple and sacrifice quality, look at the amount of SQL injections in PHP code that got copy & pasted from tutorials :P)
d18c030

@aaronsw aaronsw added a commit that referenced this pull request May 22, 2012

@aaronsw aaronsw Merge pull request #27 from shish/patch-2
Include password hashing in the "postgres authentication" example.
851990f

@aaronsw aaronsw merged commit 851990f into webpy:master May 22, 2012

Contributor

aaronsw commented May 22, 2012

This is definitely an improvement, but ideally we'd show people how to use bcrypt and store the hash somewhere other than the code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment