Notes posted by aamer

RSS feed
August 14, 2011
0 thanks

Security issue

One thing to note about the code above is that it could have a security issue. If the user changes his/her password, the authentication token should expire. Hence, in a production scenario you should put in the password salt or something to allow the token to become invalidated.