Core icon indicating copy to clipboard operation
Core copied to clipboard
verified publisher icon Resgrid

Hardcoded mongodb credential

Open Escalion opened this issue 4 months ago • 2 comments

There are hardcoded mongodb credentials in several modules. Those wishing to develop can easily create a docker container with the appropriate hostname, however these credentials should probably reference a .env file instead.

Notably, the IMongoRepository<MapLayer> _mapLayersRepository which is used within the live mapping locations (opening the map in mapping or calls), will cause an excessive timeout of ~30 seconds before failing and continuing. This results in long page load times. See : https://github.com/Resgrid/Core/blob/master/Core/Resgrid.Services/MappingService.cs#L16 --> https://github.com/Resgrid/Core/blob/8b3f079e2f0d1ffe792a757886429942b739406e/Core/Resgrid.Config/DataConfig.cs#L28

Locations with hardcoded credentials:

Core/Resgrid.Config/ApiConfig.cs

Core/Resgrid.Config/DataConfig.cs

Core/Resgrid.Config/OidcConfig.cs

Core/Resgrid.Config/AuditConfig.cs

Core/Resgrid.Config/WorkerConfig.cs

Core/Resgrid.Config/ExternalErrorConfig.cs

Repositories/Resgrid.Repositories.DataRepository/App.config

Escalion avatar Sep 09 '25 23:09 Escalion