Open
Labels: Enhancement (New feature or request), Planned (Planned and roadmapped work)
Description
Provide a brief summary of the planned work
TokenDetailsDao is storing raw token content, which may be insecure.
Detailed overview
Instead of using raw token contents, we should hash them before usage in the persistence layer. So:
- Persistence layer: database models should be clear about using hashes of tokens rather than raw tokens
- Repository layer: rename function arguments and functions to be precise - tokens should not be used raw
- Service layer: Run the conversion using some popular hashing function (not any of the broken ones)
Hint/location:
com.appifyhub.monolith.features.auth.storage.TokenDetailsDao
List the acceptance criteria
- Raw tokens are not stored anymore anywhere in the service
- All queries related to tokens still work using hashes
- Tests are updated and passing with the new behavior
Include any additional notes (optional)
Related issues:
Status: Ready
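A sketch of the three-layer split the issue asks for, added here as an illustration and not taken from the project's code. Kotlin is assumed from the JVM package name; `TokenDetailsDbm`, `TokenDetailsRepository`, `TokenDetailsService` and the in-memory map standing in for the DAO are hypothetical names, and SHA-256 is one possible choice of non-broken hash.

```kotlin
import java.security.MessageDigest

// Persistence layer: the model only ever carries the hash, never the raw token.
data class TokenDetailsDbm(val tokenHash: String, val ownerId: Long, val isBlocked: Boolean = false)

// Repository layer: parameter names make it explicit that callers pass hashes.
// The in-memory map is a hypothetical stand-in for the real DAO.
class TokenDetailsRepository {
    private val rows = mutableMapOf<String, TokenDetailsDbm>()
    fun save(details: TokenDetailsDbm) { rows[details.tokenHash] = details }
    fun findByTokenHash(tokenHash: String): TokenDetailsDbm? = rows[tokenHash]
    fun storedKeys(): Set<String> = rows.keys
}

// Service layer: the only place that sees raw tokens; it converts before delegating.
class TokenDetailsService(private val repository: TokenDetailsRepository) {
    fun register(rawToken: String, ownerId: Long) =
        repository.save(TokenDetailsDbm(hash(rawToken), ownerId))

    fun lookup(rawToken: String): TokenDetailsDbm? =
        repository.findByTokenHash(hash(rawToken))

    // Unsalted and deterministic on purpose, so equality lookups keep working.
    // Assumption: tokens are long random values or signed JWTs, not guessable secrets.
    private fun hash(rawToken: String): String =
        MessageDigest.getInstance("SHA-256")
            .digest(rawToken.toByteArray(Charsets.UTF_8))
            .joinToString("") { "%02x".format(it) }
}

fun main() {
    val repository = TokenDetailsRepository()
    val service = TokenDetailsService(repository)
    val rawToken = "constructed-sample-token-3f9a1c" // constructed sample value

    service.register(rawToken, ownerId = 42)
    check(service.lookup(rawToken)?.ownerId == 42L)        // query by hash still works
    check(service.lookup("some-other-token") == null)      // unknown token has no row
    check(rawToken !in repository.storedKeys())            // raw value is never persisted
    check(repository.storedKeys().all { it.length == 64 }) // 32-byte digest as hex
    println("stored key: ${repository.storedKeys().first()}")
}
```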