Flexla54
commented
1 year ago I'd implement this by randomly generate a basic user and hand it over via the CLI. I prefer this approach because there are no unnecessary vulnerabilities like setting a useless password (e.g. "Sport") and/or making it possible for strangers to obtain credentials via a man-in-the-middle attack.
Outgoing tasks:
- [x] Implement the logic in the middleware folder
- [x] Testing the functionality of the default admin
Currenty there is no admin when the system is first deployed (-> No way to set the server up), so the server administrator has to manually add an admin to the database using SQL.
There should be a possibility to gain default credentials for an admin (maybe through a reandomly generated name, pw or through an env variable)