the login process seems secure . But you didn’t check the potential existing user in the signup form, or existing email address. Unless this is managed by the underlying User schema. And you should require a minimal password complexity.
Read morethe login process seems secure . But you didn’t check the potential existing user in the signup form, or existing email address. Unless this is managed by the underlying User schema. And you should require a minimal password complexity.
Read more