Open dani opened 1 year ago
This was changed to prevent host / credentials leak, though the UX is not the best. What stops you from saving the password in the bookmark file?
I need users to enter the DB password to access it (that's how users are authenticated)
If the bookmark has no password, shouldn't the password field of the welcome page be available ?
If the bookmark is missing the password it's not really a bookmark, ie no one can actually use it without knowing the password. But i understand your point of view regarding the missing field, so we could fix that in future releases.
What is your use case and how are you running Pgweb? If you're running Pgweb for internal users that need access to various DB resources, you could take a look at https://github.com/sosedoff/pgweb/wiki/Connect-Backend - it was designed to eliminate the use of credentials for multi-session setups.
Bookmarks are still useful to pre-fill all the other parameters. My use case is an application appliance, using various postgres databases. Pgweb is exposed by an nginx frontend with no authentication itself, so even if the appliance is usually not exposed to the outside, not everyone having network access should be able to browse the databases. Only admins (tech profiles, having the postgres DB should). I could probably write a connect backend, but bookmarks (without password) was just enough for my use case until 0.13.0
Is this still a limitation in the newer releases? I have the same use case as @dani.
Hi.
Since pgweb 0.13, bookmarks with no password defined aren't working anymore (it was OK in 0.12).
I'm running pgweb with the following args
In /opt/pgweb/bookmarks, I create files like
The idea is to have host, db, user preconfigured when selecting the bookmark, but I must manually enter the DB password.
Since 0.13.0 (and still in 0.14.0), when selecting a bookmark, all the fields are greyed out, so I cannot enter the password anymore