-
Jakub Vrana authored
Summary: This prevents security by obscurity. If I have read-only access to the database then I can pretend to be any logged-in user. I've used `PhabricatorHash::digest()` (even though we don't need salt as the hashed string is random) to be compatible with user log. Test Plan: Applied patch. Verified I'm still logged in. Logged out. Logged in. $ arc tasks Reviewers: epriestley Reviewed By: epriestley CC: aran, Korvin Differential Revision: https://secure.phabricator.com/D6080
32f91557