...
<Do not really name the section “Sub-System A”, use a name that describes the responsibility of the sub-system, instead. Provide a section for each sub-system. These sections are iteratively added and refined during the sprints. Examples of sub-systems include Persistent Storage, Business Tier, Web Application, Webservice API. The sub-sections below may be extended if you think this is useful for describing the software design. The sub-sections below are only required for object-oriented sub-systems. Use other means to describe non-OO sub-systems (for instance Javascript modules).>
Design Class Diagram
<Object-oriented sub-systems should be described using a class diagram. If classes or interfaces are used across sub-systems, make sure you mention this in the description of the class diagrams. If your system entails layers, make sure you indicate this in the class diagram, e.g. by means of packages. For each class diagram, make sure you also mention the deployment artifact (from the deployment diagram) it is part of.>
...
<Describe all design decisions made for the sub-system. Provide at least decision descriptions for all frameworks, libraries and other technologies used. Other decisions may be related to software patterns, system-structure, adapted principles or the like.>
Login
Sequence diagram
Password Hashing
| Decision | Description |
|---|---|
| Problem/Issue | Passwords must not be readable in the database, so that an attacker who obtains the database contents cannot use them to log in to other users' accounts. |
| Decision | Using Argon2, we hash each user's password so that only the hash is stored in the database. This prevents an attacker from seeing someone else's password. |
| Alternatives | SHA-512, MD5, PBKDF2, BCrypt, and SCrypt (Millington, 2022) |
| Arguments | From a comment on Baeldung (Millington, 2022), I saw Argon2 being suggested. Going to the Supertokens website (Supertokens Team, 2022), I found a tool that detects how safe a password is. With that, Supertokens also recommended using this hashing tool this March, which is quite recent. It uses more resources from your computer, but it makes a stronger password from it. Regterschot Racing required minimum security, which also includes a hashed password. |
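As an added example (not the project's own code), the register/login flow that this decision implies, assuming a JVM business tier with Spring Security's Argon2PasswordEncoder on the classpath; the LoginService class and its in-memory user table are hypothetical stand-ins for the real persistence layer.

```java
import org.springframework.security.crypto.argon2.Argon2PasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import java.util.HashMap;
import java.util.Map;

/** Stores only Argon2 hashes, never plaintext passwords. Added example; assumes Spring Security. */
public class LoginService {

    // Argon2id with a 16-byte salt, 32-byte hash, parallelism 1, 64 MiB memory, 3 iterations.
    // Memory and iterations are the knobs that make offline guessing expensive; tune to the servers.
    private final PasswordEncoder encoder = new Argon2PasswordEncoder(16, 32, 1, 64 * 1024, 3);

    // Stands in for the user table: username -> encoded Argon2 string (constructed sample store).
    private final Map<String, String> userTable = new HashMap<>();

    public void register(String username, String password) {
        // encode() draws a fresh random salt per user and embeds salt and parameters in the result,
        // e.g. "$argon2id$v=19$m=65536,t=3,p=1$<salt>$<hash>", so two users with the same
        // password still get different database rows.
        userTable.put(username, encoder.encode(password));
    }

    public boolean login(String username, String password) {
        String stored = userTable.get(username);
        if (stored == null) {
            // Run the hash anyway so an unknown username takes as long as a wrong password,
            // which keeps response time from revealing which accounts exist.
            encoder.encode(password);
            return false;
        }
        // matches() re-derives the hash with the stored salt/parameters and compares in constant time.
        return encoder.matches(password, stored);
    }

    public static void main(String[] args) {
        LoginService service = new LoginService();
        service.register("driver1", "correct horse battery staple");
        System.out.println("right password: " + service.login("driver1", "correct horse battery staple"));
        System.out.println("wrong password: " + service.login("driver1", "wrong password"));
        System.out.println("unknown user:   " + service.login("nobody", "anything"));
    }
}
```

Only the encoded string is ever written to the database; if the parameters are raised later, `encoder.upgradeEncoding(stored)` reports which rows should be re-hashed at the user's next successful login.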
...