Code Room
Code review · Medium · cr-g563
Subject: Crypto security · Level: Mid–Senior · ~20 min
Common in: Security · Algorithms & data structures interviews
Industries: Software development

Question

Review this Ruby user-password code.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to review

```ruby
require 'digest'

class User < ApplicationRecord
  def password=(raw)
    self.password_digest = Digest::MD5.hexdigest(raw + SALT)
  end

  def authenticate(raw)
    Digest::MD5.hexdigest(raw + SALT) == password_digest
  end
end

SALT = ENV.fetch('PW_SALT') # one global salt for all users
```
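One concrete fix a reviewer could propose for the code above, as an added example that is not part of the original question: a fresh random salt per user, a slow KDF (PBKDF2-HMAC-SHA256 from Ruby's bundled OpenSSL) in place of MD5, and a constant-time comparison. The `HardenedUser` class, the `pbkdf2-sha256$...` storage format and the 600,000-iteration work factor are assumptions chosen for this example; in a Rails app the usual route is `has_secure_password` with bcrypt.

```ruby
require 'openssl'
require 'securerandom'

# Hypothetical stand-in for the reviewed User model (plain Ruby, no ActiveRecord).
class HardenedUser
  ITERATIONS = 600_000 # assumed work factor; tune to your hardware
  KEY_LEN = 32         # derived key length in bytes

  attr_reader :password_digest

  def password=(raw)
    salt = SecureRandom.random_bytes(16) # fresh random salt per user, per change
    key = derive(raw, salt, ITERATIONS)
    # Store scheme, cost and salt beside the hash so the cost can be raised later.
    @password_digest =
      ['pbkdf2-sha256', ITERATIONS, salt.unpack1('H*'), key.unpack1('H*')].join('$')
  end

  def authenticate(raw)
    _scheme, iters, salt_hex, hash_hex = password_digest.to_s.split('$')
    return false unless hash_hex # no digest set, or malformed record

    salt = [salt_hex].pack('H*')
    candidate = derive(raw, salt, Integer(iters)).unpack1('H*')
    constant_time_eq?(candidate, hash_hex)
  end

  private

  # Slow, salted key derivation; replaces the single fast MD5 pass.
  def derive(raw, salt, iters)
    OpenSSL::KDF.pbkdf2_hmac(raw, salt: salt, iterations: iters,
                             length: KEY_LEN, hash: 'sha256')
  end

  # Compares every byte regardless of where the first mismatch occurs,
  # unlike String#==, which can return at the first differing byte.
  def constant_time_eq?(a, b)
    return false unless a.bytesize == b.bytesize

    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end
```

Two users with the same password now get different digests, so one cracked hash no longer reveals every account sharing that password.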