Describe the bug
Component API keys use a non-descriptive number of salts to generate hash:
componentSchema.methods.generateApiKey = async function () {
const component = this;
const apiKey = randomUUID();
const hash = await bcryptjs.hash(apiKey, 8);
component.apihash = hash;
await component.save();
return apiKey;
};
Expected behavior
Replace by descriptive constant
Additional context
https://cwe.mitre.org/data/definitions/547.html
Describe the bug
Component API keys use a non-descriptive number of salts to generate hash:
Expected behavior
Replace by descriptive constant
Additional context
https://cwe.mitre.org/data/definitions/547.html