...
Security decisions
Regterschot indicated at the beginning of the project that we only need to implement the most essential security and do not have to worry too much about security yet, as they want to have a functional web application first. Therefore we are only implementing security measures for very high security risk scenarios. Because of this we have chosen to hash the password; we do this because it is legally required and failing to do so can result in high fines.
In addition to this, we have chosen to use a JSON Web Token. We do this to ensure that unwanted people cannot make calls to the API and that the data can only be retrieved through the web application.
...