Add more security and audit

2026-02-28 14:47:33 +01:00
parent db87ea447a
commit 07bcfede75
11 changed files with 386 additions and 76 deletions
--- a/backend/models.py
+++ b/backend/models.py
@@ -106,7 +106,8 @@ class User(UserMixin, db.Model):
    def is_teacher(self):         return self.role == 'teacher'

    def set_password(self, password):
-        self.password_hash = generate_password_hash(password)
+        # scrypt is het sterkste algoritme in werkzeug — veel meer weerstand tegen brute force
+        self.password_hash = generate_password_hash(password, method='scrypt')

    def check_password(self, password):
        if not self.password_hash: