Commit b70598
Technical Docs | |
@@ 42,6 42,9@@ | |
## Root User Credentials | |
Root user credentials are hashed using SHA256 for both username and password. These credentials are not stored in the database and instead are stored in a separate config json file. What this means is that in the event of a data breach, the root user credentials are still going to be very secure. | |
## Email/SMTP Credentials | |
+ | ## OpenID Connect(OIDC) User Credentials |
LubeLogger does not store SMTP credentials and in fact should NOT be responsible for storing SMTP credentials. SMTP credentials can only be injected via environment variables or appsettings. | |
+ | If a user registered via OIDC by logging in via the OIDC Provider and then providing a registration token, a randomized hashed password is generated on their behalf. See [[OpenID]] |
+ |