bw2
commented
4 years ago Thanks for pointing this out. I think the way to make docker-compose installations more secure is to only expose the seqr container (port 80/8000) outside docker-compose, and keep the container ports (like elasticsearch:9200) hidden inside the default bridge network created by docker-compose - by making the changes here: https://github.com/macarthur-lab/seqr/compare/dev...local_install_updates This way redis (and other services) won't be accessible except from within the seqr container or other containers.
rsolano1-uw
GeorginaAmbriz
hanars
Description Using the documented
docker-compose exec seqr python manage.py createsuperusercommand, two users can be created that share the same email address. Two users cannot be created that share the same username because the script will throw an error if you try to do that. Once two users are created with the same email address, neither user can sign in.Steps to replicate Create two users with
createsuperuser. User 1:User 2:
Now neither user can sign in. Attempting to sign in results in a 'invalid credentials (401)' error on the login page.
Steps to resolve Sign in to the postgres database and
\connect seqrdb, thenselect * from auth_user;and get the row ID of the second user, then rundelete from auth_user where id = X, with X being the row ID. Now user 1 can sign in.Link to page(s) where bug is occurring seqr login page, local setup