## Login and signup functionalities should work ### Here is what happens on login: - take the user's entered password - retrieve the hash and the salt from db - generate a hash with the entered password and salt - compare it with the hash - if it's, set the user into the "session" attribute - derive the aes256 key and be ready to unlock datas from db - redirect user into to the list of his accounts ### Here is what happens on signup - verify if the password is not weak - verify that the email hasn't already been taken - generate a salt - generate a hash with user's password and the salt - persist salt and hash - redirect user into the login and his settings
Login and signup functionalities should work
Here is what happens on login:
Here is what happens on signup