From: Juliusz Chroboczek <jch@irif.fr> To: "Toke Høiland-Jørgensen" <toke@toke.dk> Cc: "Michael Ströder" <michael@stroeder.com>, galene@lists.galene.org Subject: [Galene] Re: Is the passwd file still needed? Date: Fri, 19 Feb 2021 13:47:51 +0100 [thread overview] Message-ID: <87lfbk6x6w.wl-jch@irif.fr> (raw) In-Reply-To: <8735xsl1mq.fsf@toke.dk> >>> With the new hashed-password syntax in group files, user credentials are >>> stored in the JSON for each group. But there's still a mention of a >>> passwd file in the README, but marked as 'optional' - is this still >>> needed? >> AFAICS it's simply used to protect the /stats page (with HTTP basic authc). Right. >>> And is there a way to specify hashed passwords in that file? This file's syntax is going to change, but I'm not quite sure how. Right now, we're duplicating the same entry for a given user in all groups where they have a username; it would be good to be able to say 1. user "toke", has default password "foo"; 2. user "toke" is Op in group A with his default password; 3. user "toke" is Presenter in group B with his default password; 4. user "toke" is Op in this whole set of groups with his default password. One possible solution would be to store default passwords in the "passwd" file, and use the default password in "password" is not present (as opposed to being the empty string, which will have the same meaning as actually). This doesn't solve point (4) above. Ideas welcome, even if they're not accompanied with patches. Please recall that Galène is meant to be easy to install and have minimal dependencies, so anything that relies on an external daemon (SQL) is out of the question; on the other hand, I'm open to solutions that are extensible to third-party authentication or delegation ("login with github") as long as they remain optional. -- Juliusz
next prev parent reply other threads:[~2021-02-19 12:48 UTC|newest] Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-02-19 9:52 [Galene] " Toke Høiland-Jørgensen 2021-02-19 10:44 ` [Galene] " Michael Ströder 2021-02-19 11:48 ` Toke Høiland-Jørgensen 2021-02-19 12:47 ` Juliusz Chroboczek [this message] 2021-02-19 13:01 ` Toke Høiland-Jørgensen 2021-02-19 13:13 ` Juliusz Chroboczek 2021-02-19 13:19 ` Gabriel Kerneis 2021-02-19 13:36 ` Toke Høiland-Jørgensen 2021-02-20 0:52 ` Juliusz Chroboczek 2021-02-20 10:06 ` Rémi Nollet 2021-02-20 11:49 ` Toke Høiland-Jørgensen 2021-02-20 12:09 ` Michael Ströder 2021-02-20 12:22 ` Toke Høiland-Jørgensen 2021-02-23 15:11 ` Dave Taht [not found] ` <YDAEso0xTvoIg+hJ@local> 2021-02-20 12:23 ` Toke Høiland-Jørgensen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style List information: https://lists.galene.org/postorius/lists/galene.lists.galene.org/ * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=87lfbk6x6w.wl-jch@irif.fr \ --to=jch@irif.fr \ --cc=galene@lists.galene.org \ --cc=michael@stroeder.com \ --cc=toke@toke.dk \ --subject='[Galene] Re: Is the passwd file still needed?' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox