Release 2.0.0 Highlights:
-
Token Security Enhancement: Tokens are now hashed using the SHA-512 algorithm before being stored in the database. This update ensures enhanced security by preventing raw tokens from being exposed in the database.
-
Longer Token Format: The token field in the tokens table has been updated to a fixed length of 128 characters (char(128)), ensuring consistency and compatibility with the new token generation approach.
-
Optimized Token Generation: Replaced the previous random string generation method with a more secure bin2hex(random_bytes(64)) approach for generating 128-character tokens, offering stronger randomness and security.
-
Improved Token Lookup: Tokens are now hashed during queries, ensuring that comparisons in the database are performed against the hashed value, further enhancing security during token validation.