mirror of
https://github.com/Unleash/unleash.git
synced 2025-01-31 00:16:47 +01:00
c0bcc50b28
https://linear.app/unleash/issue/2-1071/prevent-users-from-disabling-password-authentication-when-there-are-no Improves the behavior of disabling password based login by adding some relevant information and a confirmation dialog with a warning. This felt better than trying to disable the toggle, by still allowing the end users to make the decision, except now it should be a properly informed decision with confirmation.  - **Password based administrators**: Admin accounts that have a password set; - **Other administrators**: Other admin users that do not have a password. May be SSO, but may also be users that did not set a password yet; - **Admin service accounts**: Service accounts that have the admin root role. Depending on how you're using the SA this may not necessarily mean locking yourself out of an admin account, especially if you secured its token beforehand; - **Admin API tokens**: Similar to the above. If you secured an admin API token beforehand, you still have access to all features through the API; Each one of them link to the respective page inside Unleash (e.g. users page, service accounts page, tokens page...); If you try to disable and press "save", and only in that scenario, you are presented with the following confirmation dialog:  |
||
|---|---|---|
| .. | ||
| __snapshots__ | ||
| addons | ||
| db | ||
| domain/project-health | ||
| error | ||
| features | ||
| middleware | ||
| openapi | ||
| proxy | ||
| routes | ||
| schema | ||
| segments | ||
| services | ||
| types | ||
| util | ||
| app.test.ts | ||
| app.ts | ||
| create-config.test.ts | ||
| create-config.ts | ||
| default-custom-auth-deny-all.ts | ||
| internals.ts | ||
| logger.test.ts | ||
| logger.ts | ||
| metric-events.ts | ||
| metrics.test.ts | ||
| metrics.ts | ||
| server-impl.test.ts | ||
| server-impl.ts | ||