Skip to content

Api change user password #1267

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
May 24, 2025
Merged

Api change user password #1267

merged 6 commits into from
May 24, 2025

Conversation

wunter8
Copy link
Contributor

@wunter8 wunter8 commented Jan 26, 2025

I'm not sure if this is the best way to implement this, but I added a force param to the "add user" request.

If force == true, it will override the password of an existing user (instead of it causing an error saying that a user already exists).

This will let you change a user's password and preserve the user ID in the database (instead of deleting a user and then creating a new one with the same username)

The "add user" endpoint already requires admin credentials to use, and admins can create and delete users, so I didn't think changing a user's password would be much different.

Admins CANNOT change the password of another admin.

@binwiederhier
Copy link
Owner

This is just an UPSERT, right? Traditionally PUT is used to update and POST to create, according to chatgpt, so I fucked up the original API.. I am not a fan of the force thing. But if you really need it I'll merge it

@wunter8
Copy link
Contributor Author

wunter8 commented May 22, 2025

Yes, traditionally PUT is to update and POST to create. I think I may have noticed a discrepancy when I worked on this, but I'm not at my desk right now to remind myself.

I don't need this. It came up as I was supporting someone on Discord. You can change a password via the command line, so I thought it'd be okay to add it to the API. The alternative is to delete the old user with the existing API and create a new user with the existing API. However, that would result in a new user ID, which I thought might cause problems. Right now, I can't think of any problems specifically, though, since messages are sent to topics and not users.

I'm okay holding off on this for now. We can discuss a different request pattern for changing passwords if you want to make that an option at all.

@binwiederhier
Copy link
Owner

We could just make the PUT always upsert, and make a POST that just creates the user. It's a slight change in the API but it should be fine

@wunter8
Copy link
Contributor Author

wunter8 commented May 22, 2025

Sounds good to me. Will we require a POST before a PUT? Or can you PUT directly?

@binwiederhier
Copy link
Owner

Nah, we could leave the PUT as an UPSERT and just make the POST behave like the current PUT.

So:

  • POST: Creates user, fails if user already exists
  • PUT: Creates user, updates user if it already exists

@wunter8
Copy link
Contributor Author

wunter8 commented May 22, 2025

Want me to do that?

@binwiederhier
Copy link
Owner

Sure :-)

@wunter8 wunter8 force-pushed the api-change-user-password branch from 3c1f1b3 to 98be59d Compare May 23, 2025 00:59
binwiederhier
binwiederhier approved these changes May 23, 2025
View reviewed changes
@wunter8 wunter8 force-pushed the api-change-user-password branch from 98be59d to e36e485 Compare May 23, 2025 01:58
@wunter8
Copy link
Contributor Author

wunter8 commented May 23, 2025

You can now modify the password and/or tier using PUT

@binwiederhier binwiederhier merged commit 65e377e into binwiederhier:main May 24, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@binwiederhier binwiederhier

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wunter8 @binwiederhier