authentication support: work has begun!

Jason A. Donenfeld Jason at
Wed Jan 15 19:29:48 CET 2014

On Wed, Jan 15, 2014 at 7:17 PM, Peter Wu <lekensteyn at> wrote:
> Aside from storing passwords in plaintext, I see no other obvious issues.

I'm not too keen on this either. Care to submit a patch against
jd/authentication that does a crypt() / mkpasswd salted hash
situation? Does luacrypto support this? Investigate it?

> The current login page is cachable, you should add "Cache-Control: private" to
> prevent that.

Excellent idea.

More information about the CGit mailing list