Feature/totp default admin #126
Conversation
|
Can you fix the commits to credit myself on this? |
agonbar
force-pushed
the
feature/totp_default_admin
branch
2 times, most recently
from
09cce90 to
c63437d
Compare
|
Kudos, SonarCloud Quality Gate passed!
|
|
@jack1902 It should be already changed, maybe not the cleanest way, but I was on the phone. I also tested, the fix needs the email to be something, but that something can be any string, as soon as the user sets up the default account, its overwritten. I tested this branch on clean installs in my machine, in my server and in a raspberry pi and its working with clean installs, please, give it a try and tell me how it went. |
|
Can this just be rebased onto master and PR'd from there ? |
|
It just needs to be reviewed by someone else in order to merge and close this once and for all. Or, seeing that there is a lot of traction lost, I'll wait until next week, if there is no new activity, force merge this and release a version (didn't want to but seems the only reasonable option), then move to the next PR. |
|
@agonbar I applied this PR to my forked repo and have been using it without issues. Just so you know your work wasn't for nothing. |
|
Kudos, SonarCloud Quality Gate passed!
|
|
@agonbar @subspacecommunity/subspace-maintainers fixed the conflicts with version 1.4.1. This is ready to merge. |
|
I was waiting for someone to approve, as I'm the one credited in this PR so I was breaking the rule of 2 approvals, but, there it goes |
to:
cc: @subspacecommunity/subspace-maintainers
related to: #111
resolves: #104
Background
NEW: This fixes a typo in the last commited change, I'll copy all the contents from the original PR
Wanted to secure the default user of subspace with TOTP. Now it is possible to turn on TOTP for the default user by visiting
/settingsand scanning the QR code with your phone (or putting the secret key into something else)Changes
/settings/settings(only visible if TOTP is already configured)Admin(This means both SAML Signed in Admin and the default Admin)Pics
Initial Setup of MFA
Reset MFA (will then result in the above page)
Sign in page for default admin account if TOTP has been saved
Testing
NEW: Run from a clean file, but still needs deep testing.
Ran this locally multiple times on my Droplet in Digital Ocean (i'm using rsync to sync changes to my box and then running
docker-compose up --build -dwhenever changes are made togofiles. For changes related static files i simply specify--debugin the build step forgo-bindataand mountweb/into the running container.go-bindatathen reads these files live on each request :D)