Unleash/unleash

Initial/default admin user cannot be accessed when using `demo` authentication type

00Chaotic opened this issue · 4 comments

Describe the feature request

Add an email field for the default/initial admin user created on startup so that the user can be accessed even when using the demo authentication type (which only uses email, not username or password).

Background

The configuration options mention that a default admin user is created on startup. If a custom username or password are specified, they will be used instead of the defaults.

When using the demo authentication type, only an email is required to sign in. However, as the admin user is only created with a username and password, and no email, this user cannot be accessed without going into the database and manually adding an email to the admin user.

This effectively means there is no way to perform actions that require admin permissions (including creating new users) without manually making changes to the admin user database record.

Solution suggestions

Adding an email to the default admin user and an email field to the existing initialAdminUser configuration options would allow for the admin user to be used in the demo authentication type.

Yes, it makes sense to allow the admin user to be configured with an email.

That said: "Demo mode" is not an intended way to run Unleash for other things than small Demo/hackathons.

Thanks, while I don't entirely understand the infrastructure we have in place for our implementation of the Unleash server, I believe it's not publicly exposed and involves security mechanisms outside the application itself, so the demo mode is used as a simpler access method that does not require creating user accounts and managing permissions for users across multiple teams.

An alternative solution to the problem described in is to change the input form of demo-login to not require email if the user input is simply "admin".

> An alternative solution to the problem described in is to change the input form of demo-login to not require email if the user input is simply "admin".

Linking the response to this that I've made in the PR