From 92ac9aaa10fcf65a005c4e06245ce4a9427d5148 Mon Sep 17 00:00:00 2001
From: Demian <dalonso@ecotaxi.com>
Date: Tue, 16 Jun 2015 18:25:28 -0300
Subject: Separated the persisted password (hashedPassword) from the password
 sent from the web request. Improved JSON serialization so it doesnt send as a
 response the hashed password and salt.

---
 debug.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'debug.xml')

diff --git a/debug.xml b/debug.xml
index 84587f293..01bb66d60 100644
--- a/debug.xml
+++ b/debug.xml
@@ -43,7 +43,7 @@
         id INT PRIMARY KEY AUTO_INCREMENT,
         name VARCHAR(1024) NOT NULL,
         email VARCHAR(256) NOT NULL UNIQUE,
-        password VARCHAR(1024) NOT NULL,
+        hashedPassword VARCHAR(1024) NOT NULL,
         salt VARCHAR(1024) DEFAULT '' NOT NULL,
         readonly BOOLEAN DEFAULT false NOT NULL,
         admin BOOLEAN DEFAULT false NOT NULL,
@@ -141,8 +141,8 @@
     </entry>
 
     <entry key='database.insertUser'>
-        INSERT INTO user (name, email, password, salt, admin) 
-        VALUES (:name, :email, :password, :salt, :admin);
+        INSERT INTO user (name, email, hashedPassword, salt, admin)
+        VALUES (:name, :email, :hashedPassword, :salt, :admin);
     </entry>
         
     <entry key='database.updateUser'>
@@ -154,7 +154,7 @@
     </entry>
 
     <entry key='database.updateUserPassword'>
-        UPDATE user SET password = :password, salt = :salt WHERE id = :id;
+        UPDATE user SET hashedPassword = :hashedPassword, salt = :salt WHERE id = :id;
     </entry>
     
     <entry key='database.deleteUser'>
-- 
cgit v1.2.3