hedgedoc/test/private-api
David Mehren 3e074d1879
fix(auth): use sha-512 for auth tokens
Bcrypt hashes are too slow to be validated on every request.
As our tokens are random and have a fixed length, it is reasonable
to use SHA-512 instead.

SHA-512 is recommended as cryptographically strong by the BSI:
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf?__blob=publicationFile

Fixes https://github.com/hedgedoc/hedgedoc/issues/1881

Signed-off-by: David Mehren <git@herrmehren.de>
2021-12-13 22:44:38 +01:00
..
fixtures PrivateE2E: Add test fixtures for private api 2021-03-25 22:26:43 +01:00
alias.e2e-spec.ts fix(note): fix type for owner param 2021-11-14 21:46:04 +01:00
auth.e2e-spec.ts AuthController: Return 409 Conflict when user already exists 2021-10-28 10:18:05 +02:00
history.e2e-spec.ts fix(note): fix type for owner param 2021-11-14 21:46:04 +01:00
me.e2e-spec.ts fix(note): fix type for owner param 2021-11-14 21:46:04 +01:00
media.e2e-spec.ts fix(note): fix type for owner param 2021-11-14 21:46:04 +01:00
notes.e2e-spec.ts test: fix note e2e test 'fails, when user can't read note' 2021-12-02 20:41:14 +01:00
register-and-login.e2e-spec.ts Add E2E tests for login and registration 2021-10-28 10:19:48 +02:00
tokens.e2e-spec.ts fix(auth): use sha-512 for auth tokens 2021-12-13 22:44:38 +01:00