zulhfreelancer
Joined 8/19/2016
zulhfreelancer said about 8 years ago on Rails API - Authentication with JWT :
Thanks Dave for making this video. I've question about the login. That means, for the very first client request to server, the client actually sending a plain text password. Right? How secure is that? If I'm not mistaken, everything that client sends to server will be show up inside the server logs. Please clarify.

zulhfreelancer said about 8 years ago on Rails API - Authentication with JWT :

Thanks. What do you mean by this?

"...Unless the form is posted to an endpoint over SSL, the password would also be sent over plaintext."

I'm not quite get it.