admin password is not encrypted and it's not secure

coleifer / sqlite-web

Web-based SQLite database browser written in Python

MIT License

3.35k stars 331 forks source link

admin password is not encrypted and it's not secure #137

Closed rikhtehgaran closed 10 months ago

rikhtehgaran commented 10 months ago

Hi for putting the password we should define the environment password like this: SQLITE_WEB_PASSWORD= it's not secure I suggest another password type like md5. it means I put a password in md5 format but in the browser, I enter the normal password

coleifer commented 10 months ago

bro it's perfectly fine.

rikhtehgaran commented 10 months ago

Do you mean there is no need to add this option? I disagree I don't want to store my password on the server

coleifer commented 10 months ago

Your database presumably lives on the server as well… but more generally you can put nginx or anything else in front of the app and use them for auth if you prefer.