Context
We introduced a security risk in our MVP by putting the Authorization salt directly in the code. It was a poor decision, but made for a quick demo of the token generation. Now we need to move it to the configuration so it can be passed in by our build pipelines via environment variables.
Technical Requirements
- Move the salt in the Authorization class to the conf.json.
Context
We introduced a security risk in our MVP by putting the Authorization salt directly in the code. It was a poor decision, but made for a quick demo of the token generation. Now we need to move it to the configuration so it can be passed in by our build pipelines via environment variables.
Technical Requirements