Skip to content

Change username/password works but creates a duplicate DEFAULT_USER

Created by: lecegues

Description

With the addition of the settings page and the ability to change username/password in feature/photo-upload-settings, it seems that changing the username works, but recreates the default user upon startup

Cause

The cause seems to be because a DEFAULT_USER is defined in the ENV file and is initialized in the initialize.js file; however initialize.js runs every time the system starts. It first checks if the username exists in the database, and if it doesn't it registers it.

  • Therefore, because the username was changed, it will recreate the DEFAULT_USER again

Potential Solutions

  1. Hard check using ID; however, this is not a good practice. First of all, we are using incremental ID's, so if the user is deleted, it will move to the next ID. Additionally, its not a good security practice because incremental ID's can easily be guessed (starts from 0/1).
  2. Create a Unique Identifier: A unique, immutable flag identifier can be associated with the default user like "isDefault"/Roles. This is an identifier that will not be changed and can separate the user from the rest.