[GH-ISSUE #188] Use hash for user passwords in config file #1331

Closed
opened 2026-04-16 07:58:38 -05:00 by GiteaMirror · 1 comment
Originally created by @RichyHBM on GitHub (Feb 11, 2025).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/188

Currently the password is saved in plain text, which makes it insecure when committing to repos etc. Ideally the installer script would hash the password and then save it to the config in that format.

I imagine the short-term migration could be: check whether the user-submitted password, once hashed, matches the stored hashed password; otherwise just check if both are the same (to account for users who may not have hashed passwords when upgrading).

Bcrypt seems to be a good standard these days.

@miloschwartz commented on GitHub (Feb 11, 2025):

ALL authentication data (passwords, access tokens, etc.) is hashed according to industry standards before being saved in the database. ONLY the main user is stored in the YAML file.

We decided to keep the admin user in the YAML to allow you to easily reset the password without email enabled for password recovery to prevent you from getting locked out. Every time the server starts, it reads this password, hashes it, and inserts it into the database.

If you'd prefer to set this password at runtime via an environment variable, you can set `USERS_SERVERADMIN_PASSWORD`. This will override the password in the `config.yml` file, and enables you to use Docker secrets or some other method of loading environment variables securely.

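The two mechanisms discussed in this thread, the hash-or-plaintext migration check proposed in the issue and the startup flow the maintainer describes (environment variable overrides the YAML value, the result is hashed before it reaches the database), as one added example in TypeScript. This is illustrative code written for this page, not Pangolin's implementation. It uses Node's built-in scrypt from `node:crypto` in place of bcrypt so that it runs with no dependencies; the `$scrypt$` prefix, the config shape and the helper names are assumptions, while `USERS_SERVERADMIN_PASSWORD` is the variable named in the maintainer's comment.

```typescript
// Added example (not Pangolin code): admin-password handling with a
// migration path from plaintext to hashed config values.
// scrypt is used here instead of bcrypt only because it ships with Node.
import { scryptSync, randomBytes, timingSafeEqual } from "crypto";

const SCRYPT_PARAMS = { N: 16384, r: 8, p: 1 }; // 16 MiB work factor
const KEYLEN = 32;
const HASH_PREFIX = "$scrypt$"; // assumed marker for "already hashed" values

// Hash a password into a self-describing string: $scrypt$<salt hex>$<key hex>
function hashPassword(password: string, salt: Buffer = randomBytes(16)): string {
  const key = scryptSync(password, salt, KEYLEN, SCRYPT_PARAMS);
  return `${HASH_PREFIX}${salt.toString("hex")}$${key.toString("hex")}`;
}

function isHashed(stored: string): boolean {
  return stored.startsWith(HASH_PREFIX);
}

// Verify a submitted password against a stored value that is either a hash
// (new format) or a plaintext password (legacy config, pre-migration).
// Both branches compare in constant time so the legacy path does not leak
// the stored password through timing differences.
function verifyPassword(submitted: string, stored: string): boolean {
  if (isHashed(stored)) {
    const [, , saltHex, keyHex] = stored.split("$");
    if (!saltHex || !keyHex) return false;
    const expected = Buffer.from(keyHex, "hex");
    const actual = scryptSync(
      submitted,
      Buffer.from(saltHex, "hex"),
      expected.length,
      SCRYPT_PARAMS,
    );
    return actual.length === expected.length && timingSafeEqual(actual, expected);
  }
  const a = Buffer.from(submitted, "utf8");
  const b = Buffer.from(stored, "utf8");
  return a.length === b.length && timingSafeEqual(a, b);
}

// Assumed config shape for the admin user in config.yml.
interface AdminConfig {
  users?: { serverAdmin?: { password?: string } };
}

// Startup: the environment variable wins over the YAML value, as the
// maintainer describes; whichever value is chosen is normalised to a hash
// before it is written to the database, so a plaintext YAML entry never
// reaches the database in the clear.
function resolveAdminPasswordHash(
  config: AdminConfig,
  env: Record<string, string | undefined>,
): string {
  const raw = env.USERS_SERVERADMIN_PASSWORD ?? config.users?.serverAdmin?.password;
  if (!raw) throw new Error("no server admin password configured");
  return isHashed(raw) ? raw : hashPassword(raw);
}

// Constructed demo input (not real configuration).
const demoConfig: AdminConfig = { users: { serverAdmin: { password: "yaml-only-password" } } };
const demoEnv = { USERS_SERVERADMIN_PASSWORD: "password-from-docker-secret" };
const demoHash = resolveAdminPasswordHash(demoConfig, demoEnv);
console.log("stored:", demoHash);
console.log("env password accepted:", verifyPassword("password-from-docker-secret", demoHash));
console.log("yaml password accepted:", verifyPassword("yaml-only-password", demoHash));
```

The legacy branch is deliberately a temporary measure: once a plaintext value has been verified on login, the caller should rehash it with `hashPassword` and rewrite the config so the plaintext disappears on the next upgrade.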
Reference: github-starred/pangolin#1331