I created a new pod and was able to create my account with no issue. Same thing for other people. All good there. I went and changed my password to my user account and it seemed to work, but when I try and log in with it, no go. I had a password reset email sent, successfully reset the password via the email, but then cannot log in with the password.
Ideas of what to look for? Is it possible for the admin to reset someone’s password, if so, how?
Found a password that got me back in somehow. Still would be interesting to know how the passwords are stored and how to reset them if possible.
Passwords are stored as BCrypt hashes with an additional static pepper added before hashing.
As a podmin you can easily manually update a password via the rails console:
$ bin/rails console production
>> user = User.find_by(username: "alice")
>> user.password = "new plaintext password"
Thanks! I figured it was something easy like this.