Asymmetric Encryption for Dashboard Login Password

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: dashboard 登陆密码进行非对称加密

| username: Yifei_Jia

[TiDB Usage Environment] Production Environment
[TiDB Version] v6.5.8
[Reproduction Path] Password encryption in versions above v6.5 and earlier versions
[Encountered Problem: Problem Phenomenon and Impact]
Our platform management system has an automatic function to obtain the dashboard authorization code, which is incompatible after the upgrade.
Call the login interface, and then call the get share code interface after success.

I want to understand the specific encryption method to facilitate the continued use of the original function.

| username: Jasper | Original post link

The new version adds a step for asymmetric encryption of the login password.
You can refer to the login process on the login interface to obtain the token:

  1. Use the API to get /api/user/login_info to obtain the public key and other information.
  2. Use the API /api/user/login to log in, with the payload being the username and password. If a public key exists in the first step, the password needs to be encrypted using the public key.

Reference code:

| username: 呢莫不爱吃鱼 | Original post link

:+1:

| username: system | Original post link

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.