-
Looks to be a good suggestion, we can take this. @Calvinaud would you like to contribute to this?
-
@DarthBenro008 would you like to share your views on this
-
Thanks for pointing this out @Calvinaud! It is indeed true that it's not the best practice and we need to use If the following cases are true, we can switch to
@SarthakJain26 can you please confirm if that's the case?
-
@DarthBenro008 I think this should be fine. We can separate out accounts logged in via dex and normal logged in accounts. And based on this Dex users will not be able to access LitmusUI if admin opts to switch off Dex integration, which is an expected behaviour.
-
Question
Hello,
My question is around the way the user record is retrieved when connecting through Dex.
At the moment, the `email` retrieved from the token is used to retrieve the record corresponding to the user in the DB:
In https://github.com/litmuschaos/litmus/blob/master/litmus-portal/authentication/pkg/user/repository.go#L48 it uses the `UserName`, which takes the value of the email here: https://github.com/litmuschaos/litmus/blob/master/chaoscenter/authentication/api/handlers/rest/dex_auth_handler.go#L127
When looking at some documentation it's often not recommended to use the email for this (as I understand) since it's subject to change and not sure to be unique:
Should the way the record is retrieved be changed so it uses the `sub` claim instead of the `email`?
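A sketch of the lookup the question proposes, added here as an illustration and not taken from the Litmus code base: accounts are keyed by the token's issuer and `sub` claim, and `email` is stored only as an attribute. The `Claims`, `User` and `Store` types, the in-memory maps and the `https://dex.example` issuer are assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
)

// Claims and User are constructed sample types for this example, not Litmus code.
type Claims struct{ Issuer, Subject, Email string }
type User struct{ ID, Issuer, Subject, Email string }

var ErrEmailInUse = errors.New("email already bound to a different identity")

// Store indexes accounts by the stable (issuer, subject) pair; email is only an attribute.
type Store struct {
	byIdentity map[[2]string]*User
	byEmail    map[string]*User
}

func NewStore() *Store {
	return &Store{byIdentity: map[[2]string]*User{}, byEmail: map[string]*User{}}
}

// Resolve maps claims from an already verified ID token to an account (assumption:
// signature, issuer and audience were checked by the caller).
func (s *Store) Resolve(c Claims) (*User, error) {
	key := [2]string{c.Issuer, c.Subject}
	u, known := s.byIdentity[key]
	if other, taken := s.byEmail[c.Email]; taken && other != u {
		return nil, ErrEmailInUse // never attach a login to an account because emails match
	}
	if !known {
		u = &User{ID: fmt.Sprintf("u%d", len(s.byIdentity)+1), Issuer: c.Issuer, Subject: c.Subject}
		s.byIdentity[key] = u
	}
	if u.Email != c.Email { // first login, or the address changed at the provider
		delete(s.byEmail, u.Email)
		u.Email = c.Email
		if c.Email != "" { // tokens without an email claim are not indexed by email
			s.byEmail[c.Email] = u
		}
	}
	return u, nil
}

func main() {
	u, err := NewStore().Resolve(Claims{"https://dex.example", "sub-123", "a@example.com"})
	fmt.Println(u, err)
}
```

With this layout a user whose address changes at the identity provider keeps the same record, and a different subject presenting an address that is currently bound to another account is rejected instead of being logged in as that account.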