- User : rethink all password handling and flow...
- Create salt and hashed password on addition
- Update salt and hashed on password update
- Security
- max size of JSON request for API ?
- group & pad & user password must be encrypted (and salted)
- linked group for pad only if auth user is admin
- Point comunication
- Auth with passport, password security
- Permissions
- CLI based upon API
- Communication
- All fns need to be tested, not just public ones
- Email, mdp recup etc