From: Juliusz Chroboczek <jch@irif.fr>
To: "Toke Høiland-Jørgensen" <toke@toke.dk>
Cc: "Michael Ströder" <michael@stroeder.com>, galene@lists.galene.org
Subject: [Galene] Re: Is the passwd file still needed?
Date: Fri, 19 Feb 2021 13:47:51 +0100 [thread overview]
Message-ID: <87lfbk6x6w.wl-jch@irif.fr> (raw)
In-Reply-To: <8735xsl1mq.fsf@toke.dk>
>>> With the new hashed-password syntax in group files, user credentials are
>>> stored in the JSON for each group. But there's still a mention of a
>>> passwd file in the README, but marked as 'optional' - is this still
>>> needed?
>> AFAICS it's simply used to protect the /stats page (with HTTP basic authc).
Right.
>>> And is there a way to specify hashed passwords in that file?
This file's syntax is going to change, but I'm not quite sure how. Right
now, we're duplicating the same entry for a given user in all groups where
they have a username; it would be good to be able to say
1. user "toke", has default password "foo";
2. user "toke" is Op in group A with his default password;
3. user "toke" is Presenter in group B with his default password;
4. user "toke" is Op in this whole set of groups with his default password.
One possible solution would be to store default passwords in the "passwd"
file, and use the default password in "password" is not present (as
opposed to being the empty string, which will have the same meaning as
actually). This doesn't solve point (4) above.
Ideas welcome, even if they're not accompanied with patches. Please
recall that Galène is meant to be easy to install and have minimal
dependencies, so anything that relies on an external daemon (SQL) is out
of the question; on the other hand, I'm open to solutions that are
extensible to third-party authentication or delegation ("login with github")
as long as they remain optional.
-- Juliusz
next prev parent reply other threads:[~2021-02-19 12:48 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-19 9:52 [Galene] " Toke Høiland-Jørgensen
2021-02-19 10:44 ` [Galene] " Michael Ströder
2021-02-19 11:48 ` Toke Høiland-Jørgensen
2021-02-19 12:47 ` Juliusz Chroboczek [this message]
2021-02-19 13:01 ` Toke Høiland-Jørgensen
2021-02-19 13:13 ` Juliusz Chroboczek
2021-02-19 13:19 ` Gabriel Kerneis
2021-02-19 13:36 ` Toke Høiland-Jørgensen
2021-02-20 0:52 ` Juliusz Chroboczek
2021-02-20 10:06 ` Rémi Nollet
2021-02-20 11:49 ` Toke Høiland-Jørgensen
2021-02-20 12:09 ` Michael Ströder
2021-02-20 12:22 ` Toke Høiland-Jørgensen
2021-02-23 15:11 ` Dave Taht
[not found] ` <YDAEso0xTvoIg+hJ@local>
2021-02-20 12:23 ` Toke Høiland-Jørgensen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.galene.org/postorius/lists/galene.lists.galene.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87lfbk6x6w.wl-jch@irif.fr \
--to=jch@irif.fr \
--cc=galene@lists.galene.org \
--cc=michael@stroeder.com \
--cc=toke@toke.dk \
--subject='[Galene] Re: Is the passwd file still needed?' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox