Improve error handling, logging, and security in authentication services and utilities

Browse Source

- Refactored `create_user` and `change_password` methods to add transaction rollback on failures and enhanced logging for error contexts.
- Updated security utilities to use constant-time comparison (`hmac.compare_digest`) to mitigate timing attacks.
- Adjusted API responses in registration and password reset flows for better security and user experience.
- Added session invalidation after password resets to enhance account security.

...

This commit is contained in:

Felipe Cardoso

2025-11-01 01:13:19 +01:00

parent 4de440ed2d

commit 38eb5313fc

1 changed files with 0 additions and 1 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

1

backend/coverage.json

File diff suppressed because one or more lines are too long