It would be better to use bcrypt, beause its more secure as it's slower (uses more computing cycles).
Your code could also be better:

You wouldn't need salt field in User model, because it's saved into the same field as password does.

For authentication, something like:

var mongoose = require('mongoose'),
  bcrypt = require('bcryptjs');

var userSchema = mongoose.Schema({
  email: String,

When the users change their Facebook password, the page access token gets invalidated. To overcome this, ask the user to reauthorize the Facebook connection

Acceptance Criteria

• Run a cronjob every day to find the invalid token, mark the integration as invalid/needs-reauthorization
• If the flag is set, show a message in the frontend to reauthorize

https://developers.faceboo

Is your feature request related to a problem?

Extra URL controls are unnecessarily shown when editing a pageview action and not using URL.

Describe the solution you'd like

Hide controls when they're irrelevant (area ins

Right now we only set the ip and last_seen_at fields when a customer record is created. Let's update the customer update_metadata endpoint (https://github.com/papercups-io/papercups/blob/master/lib/chat_api_web/controllers/customer_controller.ex#L58) so that it also handles this.

(I think we can just default the last_seen_at field to the current timestamp for now.)

Context

• This is part of release-1.5 #148
• MEDIUM priority task

Tasks

• Remove dependency bcrypt-nodejs in package.json
• Add dependency bcrypt in package.json
• Migrate file app/data/user-dao.js to bcrypt
• Validate the instalation with the local test
• Add and submit the chang