Commit b70598
| Technical Docs | |
| @@ 42,6 42,9@@ | |
| ## Root User Credentials | |
| Root user credentials are hashed using SHA256 for both username and password. These credentials are not stored in the database and instead are stored in a separate config json file. What this means is that in the event of a data breach, the root user credentials are still going to be very secure. | |
| ## Email/SMTP Credentials | |
| + | ## OpenID Connect(OIDC) User Credentials |
| LubeLogger does not store SMTP credentials and in fact should NOT be responsible for storing SMTP credentials. SMTP credentials can only be injected via environment variables or appsettings. | |
| + | If a user registered via OIDC by logging in via the OIDC Provider and then providing a registration token, a randomized hashed password is generated on their behalf. See [[OpenID]] |
| + | |