As a user, my password should not be stored in plain text.
Storing passwords in plain text is a significant security risk, as it exposes sensitive information in case of a data breach. To enhance security, passwords should be hashed before being stored in the database.
For this challenge use the bcrypt npm package to hash passwords before they are stored.
Additionally, update the login workflow to work with the now hashed passwords.
You’ll need to make changes in the Authentication and Authorization services.
Passwords should no longer be stored in plain text in the database when an account is created.
The solution must be compatible with existing user workflows (ex: login flow), ensuring a smooth transition without requiring password resets for current users.