boogerlad/mj - Change WYEWZOEIGDF3SIG6LHQVOKHI6MTDEYMRWZFGDFCEH27EDL2H4BVQC

some comments

Created by kevin on January 13, 2020

WYEWZOEIGDF3SIG6LHQVOKHI6MTDEYMRWZFGDFCEH27EDL2H4BVQC

Dependencies

In channels

main

Change contents

Replacement in server.js at line 159 [3.590]

B:BD[3.4033] → [2.2370:2584]

					let user = (await pool.query('select * from user_account where token_hash = $1 and now() < token_expiry', [crypto.createHash('BLAKE2b512').update(Buffer.from(parameters.token, 'base64')).digest()])).rows[0];

[3.4033]

[3.4222]

					let user = (await pool.query('select * from user_account where token_hash = $1 and now() < token_expiry', [crypto.createHash('BLAKE2b512').update(Buffer.from(parameters.token, 'base64')).digest()])).rows[0];//possible timing attack?

Insertion in server.js at line 251 [3.590]
[2.4797]
[2.4797]
```
			//ws is closed, need to be a global publish
```