Password field type
We want to introduce a password field type that will mainly be used by the application builder, but can also be used as an authentication backend via the API.
Phase 1 - Field type:
- Introduce a write only field type named "Password".
- It should only be possible to set a new value, not possible to read the existing value. The only thing the backend should expose is whether a password has been set.
- Because we're storing a password, it must be stored as a hash. I'd suggest using the same hashing algorithm we use by default in Django for normal authentication.
- We only want to support the
is empty
andis not empty
filters. - We only want to support the
empty
,filled
,empty percentage
,filled percentage
aggregations. - Sorting and grouping should work, but only sort on the
empty
andnot empty
state. - Exporting to CSV should only expose whether the password was set.
- Duplicating should remember the password that was set.
- If a password is set, we only show that visually as
••••••••••••
in the frontend. Behind the•
is nothing, it's just to visually show that a password has been set. - When the cell is selected, the user can use any key or the change link to switch to the editing state. This always starts empty because the user is then setting a new password.
Phase 2 - API support:
Moved to #2321
Edited by Bram Wiepjes