Make bcrypt work factor explicit (13 rounds)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
curo1305
@@ -25,3 +25,15 @@ Added a Groups system (backend models, API, migration) and split the Admin sideb
|
||||
- `frontend/src/components/Sidebar.tsx` — Admin item is now an expandable accordion with Users and Groups sub-items
|
||||
- `backend/STATUS.md` — Documented groups endpoints, models, updated future work
|
||||
- `frontend/STATUS.md` — Documented new routes, pages, API client functions
|
||||
|
||||
---
|
||||
|
||||
# 2026-04-17 — Explicit bcrypt work factor
|
||||
|
||||
**Timestamp:** 2026-04-17T15:00:00Z
|
||||
|
||||
## Summary
|
||||
Made the bcrypt cost factor explicit (13 rounds, ~300 ms) in `hash_password` so it is easy to audit and increase over time.
|
||||
|
||||
## Files Modified
|
||||
- `backend/app/core/security.py` — added `_BCRYPT_ROUNDS = 13`; passed `rounds=` to `bcrypt.gensalt()`
|
||||
|
||||
Reference in New Issue
Block a user