Imagine you write this query:
from User, where: [api_token: ^params["token"]], limit: 1
Now if someone passes no token, you will accidentally login as any of the users without a token.
5 Likes
Imagine you write this query:
from User, where: [api_token: ^params["token"]], limit: 1
Now if someone passes no token, you will accidentally login as any of the users without a token.
© Copyright Elixir Forum | Terms | Privacy & Cookies
