You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Currently we have a helper class, PasswordCipher, which is used to hash & check passwords. It uses the bcrypt package to do this.
This is fine and most people don't need to change this. However, there are some use-cases for making this configurable:
Someone has really specific ideas about how passwords should be hashed, and don't want to use bcrypt with 12 salt rounds.
Better options than bcrypt become available and people want to take advantage of them
To support running Vendure in environments where native dependencies do not work, e.g. Stackblitz. Currently if we want to run a Vendure server in a Stackblitz webcontainer, it will fail only because of the bcrypt dependency, which is unfortunate.
Describe the solution you'd like
Make it possible to override the default PasswordCipher. This could be done either by adding a new config option to authOptions, or by somehow making it possible to use NestJS DI to do this (needs research).
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Currently we have a helper class, PasswordCipher, which is used to hash & check passwords. It uses the
bcryptpackage to do this.This is fine and most people don't need to change this. However, there are some use-cases for making this configurable:
Describe the solution you'd like
Make it possible to override the default PasswordCipher. This could be done either by adding a new config option to
authOptions, or by somehow making it possible to use NestJS DI to do this (needs research).The text was updated successfully, but these errors were encountered: