Hi, I use disallow_password_reuse feature in my project and noticed that creating an account takes quite a long time. I knew that generating a secure password hash with a standard price for bcrypt takes about ~ 200ms, but after looking at the metrics on requests, I found that there is some lengthy code execution between requests to the database, similar in duration to generating a hash from a password.
1. Is there any reason to re-generate the password hash?
2. As far as I understand, we could just take the already generated password hash from the account by runtime, because they generated in create action, and this code called in after hook.
3. I also noticed that when creating an account, a password reuse is checked, although this obviously does not make sense, maybe it makes sense to make a flag for the `create` route to skip unnecessary queries to the database?
Thanks,
Aleksei