auth: User faster app token hash

2025-12-13 18:12:27 +00:00 · 2025-07-22 16:10:19 +02:00
parent 18af1b9aa2
commit ea43876410
1 changed files with 4 additions and 1 deletions
--- a/crates/store_sqlite/src/principal_store.rs
+++ b/crates/store_sqlite/src/principal_store.rs
@@ -206,7 +206,10 @@ impl AuthenticationProvider for SqlitePrincipalStore {
                None,
                None,
                Params {
-                    rounds: 10,
+                    // The app token has a high entropy so we are quite safe from quessing attacks
+                    // Also if an attacker got access to the hashes they'd have already gotten
+                    // access to the whole database.
+                    rounds: 2,
                    ..Default::default()
                },
                &salt,