[FEATURE_REQUEST] (Debian) Improve built-in auth mechanisms

[Aerowinder]

trafficstars

Is your feature request related to a problem? If so, please describe.

Enabling authentication in Dashy requires a rebuild to take effect, but the ability to rebuild (and save config) is blocked because you've enabled authentication. You are also unable to change a password on an authenticated user for the same reason. This makes authentication impossible to enable without a manual conf.yml edit and manual yarn build from SSH.

Describe the solution you'd like

• When enabling authentication, user should be able to continue making changes until a rebuild expires their credentials.

• If user already exists, but password was changed, user credentials should remain valid until the next rebuild.

• Please notate in red that Dashy requires the SHA-256 hash in what would be the typical password field and not the password itself. It clearly says this, but it wasn't registering for me. I didn't realize this until I looked at the config validator. I've never run across this implementation before, I just assumed it was busted.

Priority

Low (Nice-to-have)

Is this something you would be keen to implement

No

[liss-bot]

If you're enjoying Dashy, consider dropping us a ⭐
_{🤖 I'm a bot, and this message was automated}

[skornel02]

Technically speaking as long as #668 is in place there is no credential that can or can not expire only a client side check for the running config that you are trying to change. As for the hash point you brought up: maybe there could a Javascript hash function (later on a backend hashing) so the user can enter a password?

[liss-bot]

This issue has gone 6 weeks without an update. To keep the ticket open, please indicate that it is still relevant in a comment below. Otherwise it will be closed in 5 working days.

[liss-bot]

This issue was automatically closed because it has been stalled for over 6 weeks with no activity.