updated todos

author: Andreas Baumann <mail@andreasbaumann.cc> 2015-05-01 16:52:04 +0200
committer: Andreas Baumann <mail@andreasbaumann.cc> 2015-05-01 16:52:04 +0200
commit: 1c58fa7c64843b2655152aed48d0c3dcaa2e28c2 (patch)
tree: b95901506120d14149189611c00eb26c79df3de7 /TODOS
parent: 5d4b181fd85ce6379ec05c1e9e24d0fc94fd8b60 (diff)
download: aCms-1c58fa7c64843b2655152aed48d0c3dcaa2e28c2.tar.gz
aCms-1c58fa7c64843b2655152aed48d0c3dcaa2e28c2.tar.bz2
1 files changed, 7 insertions, 0 deletions
diff --git a/TODOS b/TODOS
index 699fcde..a4e212c 100644
--- a/TODOS
+++ b/TODOS
@@ -1,3 +1,10 @@
 - hash the password, with salt (currently it's plain text which is a no go!)
+- make the login mechanism more robust:
+  - http://www.devarticles.com/c/a/JavaScript/Building-a-CHAP-Login-System-Encrypting-Data-in-the-Client/2/
+  - have a CHAP per default (working also over HTTP)
+  - If there is no Javascript, allow the "plain over HTTPS" fallback
 - check timeout when verifying the registration code of a user
+- database model for a simple CMS
+  - http://www.techrepublic.com/article/two-ways-to-design-a-database-for-a-net-based-cms/
+
author	Andreas Baumann <mail@andreasbaumann.cc>	2015-05-01 16:52:04 +0200
committer	Andreas Baumann <mail@andreasbaumann.cc>	2015-05-01 16:52:04 +0200
commit	1c58fa7c64843b2655152aed48d0c3dcaa2e28c2 (patch)
tree	b95901506120d14149189611c00eb26c79df3de7 /TODOS
parent	5d4b181fd85ce6379ec05c1e9e24d0fc94fd8b60 (diff)
download	aCms-1c58fa7c64843b2655152aed48d0c3dcaa2e28c2.tar.gz aCms-1c58fa7c64843b2655152aed48d0c3dcaa2e28c2.tar.bz2