ui/user: Allow setting/changing basic auth passwords in UI #2991
Conversation
allending313
changed the title
|
@allending313 it looks like there's some conflicts that need to be resolved. |
Bumps [playwright](https://github.com/Microsoft/playwright) from 1.32.0 to 1.33.0. - [Release notes](https://github.com/Microsoft/playwright/releases) - [Commits](microsoft/playwright@v1.32.0...v1.33.0) --- updated-dependencies: - dependency-name: playwright dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.5.0 to 3.6.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](coreos/go-oidc@v3.5.0...v3.6.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [@mui/lab](https://github.com/mui/material-ui/tree/HEAD/packages/mui-lab) from 5.0.0-alpha.128 to 5.0.0-alpha.130. - [Release notes](https://github.com/mui/material-ui/releases) - [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md) - [Commits](https://github.com/mui/material-ui/commits/HEAD/packages/mui-lab) --- updated-dependencies: - dependency-name: "@mui/lab" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
allending313
force-pushed
the
feat/2667-reset-password
branch
from
f56b49f to
2dcbd4b
Compare
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
There was a problem hiding this comment.
The code looks good. Functionally validated and seeing a couple of issues to address:
- if
Auth.DisableBasicis set, this form should be disabled with a message (e.g., "password authentication is currently disabled") - It might be a good idea to require
oldPasswordfor the current user, even if they are admin - user accounts created via OIDC or GitHub (i.e., no entry in
auth_basic_users) don't get one set by admin -- "succeeds" but basic auth doesn't work for the user - user accounts created via OIDC or GitHub (i.e., no entry in
auth_basic_users) get an invalid ID when trying to set it for themselves
|
for accounts created via OIDC/Github, should we hide the pw reset fields for those user accounts? (not quite sure how to check for account creation method) |
|
@allending313 Based on recent discussions, disable rather than hide. It tends to be confusing when pieces of the UI are missing entirely. A little text about why it's disabled would also probably help. I'm thinking maybe we can add a We just need to be sure that while an admin can "upsert" a new password, a user can only update an existing one if the old password is specified. |
mastercactapus
changed the title
|
|
The Username field is there for admins to create a basic auth AuthSubject for a user. Normally when a user already has basic auth as an AuthSubject, the pw reset feature would just update that basic auth password. However, if they don't already have an existing basic auth AuthSubject we want admins to have the ability to create one for the user which requires a username for login. |
make checkto catch common errors. Fixed any that came up.Description:
Provides a way for users and admins to reset a basic auth password through the UI.
Which issue(s) this PR fixes:
Fixes #2667
Out of Scope:
Forgot password feature
Screenshots:
Non-Admin view
Admin view
Describe any introduced user-facing changes:
Describe any introduced API changes: