Improve error handling, logging, and security in authentication services and utilities

- Refactored `create_user` and `change_password` methods to add transaction rollback on failures and enhanced logging for error contexts.
- Updated security utilities to use constant-time comparison (`hmac.compare_digest`) to mitigate timing attacks.
- Adjusted API responses in registration and password reset flows for better security and user experience.
- Added session invalidation after password resets to enhance account security.
Felipe Cardoso
2025-11-01 01:13:02 +01:00
parent cc98a76e24
commit 4de440ed2d
4 changed files with 82 additions and 44 deletions

@@ -62,7 +62,7 @@ async def get_my_organizations(
# Add member count and role to each organization
orgs_with_data = []
for org in orgs:
role = organization_crud.get_user_role_in_org(
role = await organization_crud.get_user_role_in_org(
db,
user_id=current_user.id,
organization_id=org.id
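
Review bot: The `await` added to `organization_crud.get_user_role_in_org(...)` sits inside `for org in orgs:`, so every organization costs its own awaited call against `db`, executed one after another; consider fetching the roles for `current_user.id` across all of `orgs` in one query and looking them up inside the loop. The added `await` also implies that the earlier line bound `role` to an un-awaited coroutine instead of a role value. That is a functional fix the commit message does not mention, so it deserves its own line there, plus a test asserting that the `role` attached to each organization is the actual role value and not a coroutine object.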