Fix security issue: Hard-coded Superuser Credential Fallback Vulnerability (CWE-798)

pensarapp[bot] 2025-06-09 16:51:02 +00:00 committed by GitHub
parent ecbabbd261
commit 092910f1c0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -4,8 +4,15 @@ from cognee.base_config import get_base_config
async def create_default_user():
base_config = get_base_config()
default_user_email = base_config.default_user_email or "default_user@example.com"
default_user_password = base_config.default_user_password or "default_password"
default_user_email = base_config.default_user_email
default_user_password = base_config.default_user_password
if not default_user_email or not default_user_password:
raise RuntimeError(
"Default superuser creation failed: "
"Missing default_user_email and/or default_user_password configuration. "
"These must be explicitly set to create the initial superuser."
)
user = await create_user(
email=default_user_email,
@ -16,4 +23,4 @@ async def create_default_user():
auto_login=True,
)
return user
return user
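Review bot: The new guard in the first hunk only rejects a missing or empty `default_user_email` / `default_user_password`, so a configuration that explicitly sets the password to the previously hard-coded `"default_password"` (or to a whitespace-only string) still creates the superuser with a publicly known or trivial credential. Consider refusing the legacy literal as well, e.g. `if default_user_password.strip() in ("", "default_password"): raise RuntimeError(...)`. The change also does nothing for instances bootstrapped before this commit, which may still hold a superuser created from the old fallback values; the commit description or release notes should tell operators to rotate that account's password. Whether the callers of `create_default_user` handle the new `RuntimeError` cannot be seen here, and the `create_user(...)` call continues between the two hunks, outside the visible lines.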