Closed carlan1 closed 1 year ago
I'll look into it
I've tried this locally and I couldn't reproduce it.
I've noticed that's only generating the password if the "credential" collection is not created in the mongodb. @carlan1 are you sure that the db was empty when starting the server?
I've also noticed that there is a piece of code adding another admin user with the environmental variable: DB_ADMIN_USERNAME
Which will create an admin credential with that access key and no password to handle through Oauth (this should be an account on the identity provider)
I've made another test using the local machine to run the server but connecting to a clean mongodb database and I couldn't reproduce this either. I got the password generated and I was again able to log in, through the oauth server using the autogenerated credential.
I wonder if it was a one-off error. Let's ignore it for now, and if it comes up again we can re-open the issue.
There is an issue with key generation under mongoDB database initialization.
Expected behavior: Initializing a LAMP docker stack (while using the default stack as listed under docs.lamp.digital) should initialize a mongoDB container. The mongo container should automatically include a key-value pair (located within a collection called test.credential) with a key name of
secret_key
. The value associated with this key should be equal to the encrypted password used to authenticate the LAMP dashboard.Current behavior: At this time, when inspecting the
test.credential
collection, thesecret_key
field has a default value ofnull
. Therefore, at this time, in order to be able to authenticate the server and log into the dashboard, the administrator needs to manually update this key-value pair with an encrypted custom password (encrypted using theROOT_KEY
in the LAMP stack).Administrators should not be required to manually encrypt and update the secret key. We need to make a change such that there is an automatically generated admin password, and that this default password is equal to the key that is generated in the
server
container logs.