Security: don't print/return user token

Question

Security: don't print/return user token

Closed this issue 4 months ago · 0 comments

When I do PkgAuthentication.authenticate() it prints all my sensitive token data to screen, which isn't great. Anyone who can photograph my screen (which might be projected or recorded) can now impersonate me. So we should probably avoid printing or even returning this data.