Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why people are still hand rolling common stuff like this is baffling to me. I'm treading on offensive waters here, but I'd guess this is from a nodejs backend, for some reason it seems to be more common to hand roll stuff like this in node than pretty much any other web language/framework I've worked with.


> Why people are still hand rolling common stuff like this is baffling to me

Don't most systems hand roll their own password reset? Using any backend tech, I mean. This isn't crypto, where hand rolling your own solution is almost always a mistake.


I have handrolled a pass reset in node but I didn't give up the key back to the client. In this case it was actually spring framework




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: