at the moment the password ist stored in plaintext (locally). I can reload the page and then toggle the password visible again. instead of this after a login a session token should be returned for verification (imo). At least the password shouldn't be stored in plaintext in local storage, this is definitely a bad practice.
best regards, thanks for your work
at the moment the password ist stored in plaintext (locally). I can reload the page and then toggle the password visible again. instead of this after a login a session token should be returned for verification (imo). At least the password shouldn't be stored in plaintext in local storage, this is definitely a bad practice.
best regards, thanks for your work