Code-server: Use bcrypt for password parameter

Created on 17 Apr 2019  路  3Comments  路  Source: cdr/code-server

It would be very helpful if the server could take bcrypt passwords, such as the output of htpasswd -nB username and use that username/cypher pair for authentication instead of having cleartext passwords all over the place... :)

enhancement
Source
picture rcarmo
👍8

Most helpful comment

I agree. At that point I think we should implement proper token based authentication. JWT and OAuth2 would be my preferred method. This would also enable different login providers later down the line.

picture lucacasonato on 18 Apr 2019
👍6

All 3 comments

I agree. At that point I think we should implement proper token based authentication. JWT and OAuth2 would be my preferred method. This would also enable different login providers later down the line.

lucacasonato picture lucacasonato on 18 Apr 2019
👍6

+1 for OAuth2, especially with generic providers! I'll be using Keycloak if this becomes an option. i'll open a separate issue for that.

boardfish picture boardfish on 20 Apr 2019

The password is meant more of as a crutch, its best to put a reverse proxy in front for auth.

nhooyr picture nhooyr on 28 Jan 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

pchecinski picture pchecinski  路  3Comments
oonqt picture oonqt  路  3Comments
avelino picture avelino  路  3Comments
Arsaev picture Arsaev  路  3Comments
balazssoltesz picture balazssoltesz  路  3Comments