[FR] Improve first account creation #5247
Labels
enhancement
This is an suggested enhancement or new feature
Fund
This issue can be specifically funded for development
security
Relates to a security issue
setup
Relates to the InvenTree setup / installation process
Milestone
Please verify that this feature request has NOT been suggested before.
Problem statement
Currently you either get issued credentials for the first login (by the packaged installer) or need to run a command to get your intial admin account. This works but leaves the admin to either
Suggested solution
With django-sesame integrated in #5209 we can now issue links that log users in. This means we can add a task that creates an empty admin user account and a scoped login url that can be used by an admin to login in and register in 1 step. This could later be expanded to flow into #2284 creating an easy and secure setup experience.
Describe alternatives you've considered
We could change the current creation task to include a login link (with the created users credentials) but that is pretty insecure.
Examples of other systems
most self-hosted enterprise solutions provide a first-use token
Do you want to develop this?
Upvote & Fund
The text was updated successfully, but these errors were encountered: