Skip to content

Commit

Permalink
Fix rendering issue.
Browse files Browse the repository at this point in the history
  • Loading branch information
@devzaryab
devzaryab committed May 11, 2020
1 parent 338b1f0 commit 81c94cc
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions README.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -283,10 +283,13 @@ Tokens security
Authentication tokens generated by django-sesame contain:

- The primary key of the user for which they were generated;
- A revocation key which is used for invalidating tokens; it includes:
- The hashed password of the user, unless
``SESAME_INVALIDATE_ON_PASSWORD_CHANGE`` is disabled;
- The last login date of the user, if ``SESAME_ONE_TIME`` is enabled.
- A revocation key which is used for invalidating tokens.

The revocation key includes:

- The hashed password of the user, unless
``SESAME_INVALIDATE_ON_PASSWORD_CHANGE`` is disabled;
- The last login date of the user, if ``SESAME_ONE_TIME`` is enabled.

Primary keys are in clear text. If this is a concern, you can write a custom
packer to encrypt them. See "Custom primary keys" above for details.
Expand Down

0 comments on commit 81c94cc

Please sign in to comment.