juice-shop / multi-juicer

Host and manage multiple Juice Shop instances for security trainings and Capture The Flags
Apache License 2.0
269 stars 123 forks

Add "reset team passcodes" button to admin page #98

Open skandix opened 2 years ago

skandix commented 2 years ago

It would be nice if the token for a team on multi-juicer could be stored in the metadata regarding the pod. So if everyone in the team forgot their team pincode, they could ask the admins of the cluster to recover it by checking the metadata for the team pod.

Like one can for the admin password, as seen in the attached picture, but with the option to attach the team pincode to its pod.

[attached image]

J12934 commented 2 years ago

Hi 👋

I understand the problem, but I don't really like the proposed solution. Passcodes are currently hashed (bcrypt, and stored in the annotations of the teams' deployments), so also storing them in plain text would make the hashing worthless and would be something I try to avoid in a platform used to teach security best practices 😅 (yes, the admin passcode is currently also stored in the cluster unhashed; we might also want to at least provide the option to pass in a bcrypt hash of the password instead of the plain text value)

As alternative solutions to the problem I'd suggest:

  1. Add a "Reset Passcode" button to the admin page, to generate a new passcode for a team. Passcode resetting already exists but is only available to the teams themselves (which requires at least one logged in team member)
  2. Automatically store the passcodes of the teams in their browsers local / session storage and automatically allow them to join teams where they have the tokens stored.

Would these alternatives also solve your problem?

skandix commented 2 years ago
  1. Would probably be the best solution