lounge add user password #353
Comments
|
I'm sorry to nag, but can you correct the title's spelling to be correct? |
|
You can directly edit/create user files if you so desire. The CLI commands just interact with these files. But what you are suggesting is reasonable. |
xPaw
added
Type: Feature
|
@omnicons good catch :) |
|
I'm not sure how I feel about that. Passing passwords on the command-line is a terrible idea security-wise, as anyone that runs Alternatively, this can also be done in the shell itself: |
|
That's a pretty good point. I'll work on PHP script to write out the JSON. Already looking at the bcyrpt libraries. I'll see what I can come up with. |
|
Does anyone know if Lounge will freak out if there are extra parameters stored in the json file. Hopefully it ignores them? :-) Say... |
|
It will work fine, but it may get erased later when the file is rewritten as it just writes a whitelisted set of properties so I wouldn't count on them staying there. |
astorije
added
Type: Security
|
I suggest closing this for the security concerns @maxpoulin64 exposed above, which I agree with. Any objections? |
Was going to setup a PHP script to execute the add/modify user command(s) but noticed it requires a user to then enter a password securely in the terminal. The documentation look like it allowed a password to be entered in as a parameter but does not currently behave this way.
Examples:
lounge add [user] with no password
would then prompt the user to enter a password
lounge add [user] [password] will not prompt the user to enter a password.
Can this behavior be added into the existing behavior?
The text was updated successfully, but these errors were encountered: