> use etcd to save user information and save user's password after hashed.
Agree with it. Xiran Liu <liuxi...@apache.org> 于2021年8月12日周四 下午2:48写道: > agree with store the user info in etcd, it is easier to manage > > On 2021/08/10 13:08:03, Zeping Bai <bzp2...@apache.org> wrote: > > Hi, sorry, I didn't choose to reply to the email correctly just now, so > > I'll resend it for you. > > > > About "ease of use": > > 1. In the current version, the user is recorded in the configuration > file, > > and the function of configuration resolution is relatively simple. > > When deployed in the docker environment, the configuration cannot > > be overwritten by means of environment variables. > > 2. At the same time, the configuration file cannot be dynamically > > monitored to change the dynamic application configuration. > > > > About "security": I mean some of the most basic functions, such as > password > > hash storage. > > > > I consider changing to use etcd to save user information and save > > user's password after hashed. > > > > Best regards! > > Zeping Bai > > > > Ming Wen <wenm...@apache.org> 于2021年8月10日周二 下午3:37写道: > > > > > > There are problems with ease of use and security. > > > > > > I did not get your point. Can you give me an example? > > > > > > Thanks, > > > Ming Wen, Apache APISIX PMC Chair > > > Twitter: _WenMing > > > > > > > > > Zeping Bai <bzp2...@apache.org> 于2021年8月10日周二 下午3:11写道: > > > > > > > Hi, everyone. > > > > > > > > Currently, dashboard only supports basic username + password login > mode. > > > > Moreover, the password is stored in the configuration file and > password > > > > hash > > > > is not supported. There are problems with ease of use and security. > > > > > > > > I have designed a scheme and a simple code prototype for this, and > > > > published > > > > it on GitHub [1]. I look forward to your feedback to help it become > > > better. > > > > > > > > [1] > > > > > > > > https://github.com/apache/apisix-dashboard/pull/2010#issuecomment-895737216 > > > > > > > > Best regards! > > > > Zeping Bai > > > > > > > > > >
