diff --git a/backend/README.md b/backend/README.md index d668c5f90..db7224690 100644 --- a/backend/README.md +++ b/backend/README.md @@ -36,13 +36,22 @@ python manage.py runserver localhost:8000 - Server will start and run at port 8000. () -## Default Username and Password +## Setting Username and Password The default username is `unstract` and the default password is `unstract`. -To customize your password, simply navigate to the `.env` file and update the `DEFAULT_AUTH_PASSWORD` config before launching the server. Then use your new password to log in. +To customize your username or password: +1. Navigate to the `.env` file located at `backend`. +2. Update the values for `DEFAULT_AUTH_USERNAME` and `DEFAULT_AUTH_PASSWORD` with strong, unique credentials of your choosing. +3. Save the `.env` file and restart the server to apply changes. + +> **NOTE**: The username `admin` is reserved for Django admin, hence cannot be used. + +To update the username or password after it's been set: +1. Modify the username and password in `.env`. +2. Restart server to apply updates. +3. Login with the new credentials. -To update the password after it's been set, first change it in the .env file, restart the server for it to take effect, then log in using the new password. ## Asynchronous execution/pipeline execution diff --git a/backend/account/authentication_service.py b/backend/account/authentication_service.py index 2484571e9..d37ed473a 100644 --- a/backend/account/authentication_service.py +++ b/backend/account/authentication_service.py @@ -82,6 +82,9 @@ def authenticate_and_login( """ user = authenticate(request, username=username, password=password) if user: + # To avoid conflicts with django superuser + if user.is_superuser: + return False login(request, user) return True # Attempt to initiate default user and authenticate again diff --git a/backend/account/constants.py b/backend/account/constants.py index 34c9a7726..ec246a361 100644 --- a/backend/account/constants.py 
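Review bot: The added `if user.is_superuser: return False` branch in authenticate_and_login refuses a correctly authenticated superuser with the same result as a wrong password and records nothing. An admin credential being tried against the platform login therefore cannot be told apart from a typo afterwards. Log the refusal before returning, for example `logger.warning("Superuser login refused on platform login: %s", username)` if this module has a logger (none is visible in the hunk). The comment could also state the rule rather than the symptom: `# Django superusers sign in through the admin site only; refuse them here.` The check covers `is_superuser` only, so confirm whether `is_staff` accounts are meant to pass; the function body continues outside the hunk.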
+++ b/backend/account/constants.py @@ -44,7 +44,7 @@ class ErrorMessage: class DefaultOrg: ORGANIZATION_NAME = "mock_org" MOCK_ORG = "mock_org" - MOCK_USER = "unstract" + MOCK_USER = settings.DEFAULT_AUTH_USERNAME MOCK_USER_ID = "mock_user_id" MOCK_USER_EMAIL = "email@mock.com" MOCK_USER_PASSWORD = settings.DEFAULT_AUTH_PASSWORD diff --git a/backend/backend/settings/base.py b/backend/backend/settings/base.py index c26883d41..555c33ba4 100644 --- a/backend/backend/settings/base.py +++ b/backend/backend/settings/base.py @@ -140,6 +140,7 @@ def get_required_setting( API_STORAGE_DIR = os.environ.get("API_STORAGE_DIR") CACHE_TTL_SEC = os.environ.get("CACHE_TTL_SEC", 10800) +DEFAULT_AUTH_USERNAME = os.environ.get("DEFAULT_AUTH_USERNAME", "unstract") DEFAULT_AUTH_PASSWORD = os.environ.get("DEFAULT_AUTH_PASSWORD", "unstract") # Quick-start development settings - unsuitable for production diff --git a/backend/sample.env b/backend/sample.env index 9da40eeb5..ca94823e9 100644 --- a/backend/sample.env +++ b/backend/sample.env @@ -108,5 +108,6 @@ ENCRYPTION_KEY="Sample-Key" # Cache TTL CACHE_TTL_SEC=10800 -# Default user +# Default auth credentials +DEFAULT_AUTH_USERNAME= DEFAULT_AUTH_PASSWORD= diff --git a/run-platform.sh b/run-platform.sh index 6ed3519f9..ad2dd2232 100755 --- a/run-platform.sh +++ b/run-platform.sh @@ -102,6 +102,8 @@ parse_args() { setup_env() { # Generate Fernet Key. Refer https://pypi.org/project/cryptography/. for both backend and platform-service. ENCRYPTION_KEY=$(python3 -c "import secrets, base64; print(base64.urlsafe_b64encode(secrets.token_bytes(32)).decode())") + DEFAULT_AUTH_KEY="unstract" + for service in "${services[@]}"; do sample_env_path="$script_dir/$service/sample.env" env_path="$script_dir/$service/.env" 
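Review bot: `MOCK_USER = settings.DEFAULT_AUTH_USERNAME` makes the default account's name configurable, but nothing visible in this change retires the account created under the previous name. The first `authenticate()` call shown in the authentication_service.py hunk accepts any non-superuser row already in the database. After the README's "modify `.env` and restart" step, the earlier `unstract` user may therefore still sign in with its old password, unless the default-user setup outside these hunks renames or deactivates it. Confirm that path and document the requirement above the constant, e.g. `# Changing DEFAULT_AUTH_USERNAME must rename or deactivate the previously created default user.`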
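Review bot: `os.environ.get("DEFAULT_AUTH_USERNAME", "unstract")` falls back only when the variable is absent, while the `backend/sample.env` hunk ships it as `DEFAULT_AUTH_USERNAME=`. A `.env` copied from the sample by hand would therefore yield an empty username, assuming the loader exports blank values as empty strings; the existing `DEFAULT_AUTH_PASSWORD` line has the same shape. Treat blank as unset with `DEFAULT_AUTH_USERNAME = os.environ.get("DEFAULT_AUTH_USERNAME") or "unstract"`. Also fail at startup when the value is `admin`, which the README declares reserved but no code in these hunks enforces. The fallback remains a publicly documented credential, so a comment marking both defaults as development-only would fit the "unsuitable for production" section that follows.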
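Review bot: `DEFAULT_AUTH_KEY="unstract"` gives every scripted install the same publicly documented password, one line below an `ENCRYPTION_KEY` that is generated with `secrets`. The later setup_env hunk writes this single value to both `DEFAULT_AUTH_USERNAME` and `DEFAULT_AUTH_PASSWORD`. Generating the password the same way, `DEFAULT_AUTH_PASSWORD=$(python3 -c "import secrets; print(secrets.token_urlsafe(16))")`, and pointing the operator at `backend/.env` to read it would avoid a shared default. If the fixed value is kept for quick-start use, separate username and password variables with a comment marking them as local-development defaults would make the intent clear. setup_env continues outside the hunk.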
@@ -113,6 +115,12 @@ setup_env() {
 echo -e "$blue_text""Adding encryption secret to $service""$default_text"
 echo "ENCRYPTION_KEY=\"$ENCRYPTION_KEY\"" >> $env_path
 fi
+ # Add default auth credentials for backend.
+ if [ "$service" == "backend" ]; then
+ echo -e "$blue_text""Adding default auth credentials to $service""$default_text"
+ echo "DEFAULT_AUTH_USERNAME=\"$DEFAULT_AUTH_KEY\"" >> $env_path
+ echo "DEFAULT_AUTH_PASSWORD=\"$DEFAULT_AUTH_KEY\"" >> $env_path
+ fi
 echo -e "Created env for ""$blue_text""$service""$default_text" at ""$blue_text""$env_path""$default_text"."
 else
 echo -e "Found existing env for ""$blue_text""$service""$default_text" at ""$blue_text""$env_path""$default_text"."
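Review bot: The two added `echo ... >> $env_path` lines append keys that `backend/sample.env` now also defines as empty (`DEFAULT_AUTH_USERNAME=`, `DEFAULT_AUTH_PASSWORD=`). If `.env` is created from the sample (that step is outside this hunk), the file ends up with two definitions of each key, and the effective credential depends on every loader keeping the last one. Confirm that for each consumer of `backend/.env`, or replace the empty keys in place rather than appending. The redirect target is unquoted; `>> "$env_path"` is safer should `$script_dir` contain spaces. Since the file now holds login credentials next to the encryption key, a `chmod 600 "$env_path"` after writing is worth adding.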