Add user management UI for admin and regular users (#106)#8937
Open
lstein wants to merge 2 commits intoinvoke-ai:mainfrom
Open
Add user management UI for admin and regular users (#106)#8937lstein wants to merge 2 commits intoinvoke-ai:mainfrom
lstein wants to merge 2 commits intoinvoke-ai:mainfrom
Conversation
* Add user management UI and backend API endpoints Co-authored-by: lstein <111189+lstein@users.noreply.github.com> Fix user management feedback: cancel/back navigation, system user filter, tooltip fix Co-authored-by: lstein <111189+lstein@users.noreply.github.com> Make Back button on User Management page more prominent Co-authored-by: lstein <111189+lstein@users.noreply.github.com> * chore(frontend): typegen --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: lstein <111189+lstein@users.noreply.github.com> Co-authored-by: Lincoln Stein <lincoln.stein@gmail.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: lstein <111189+lstein@users.noreply.github.com>
lstein
requested review from
JPPhoto,
Pfannkuchensack,
blessedcoolant and
dunkeroni
as code owners
github-actions
bot
added
api
python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds a user interface for user management. Users with administrative privileges can add, delete and modify users. Non-admin users can change their display name and password.
What an administrator sees
When a user is logged in as an administrator, clicking on the "Person" icon on the left-hand icon bar brings up this menu:
Select User Management to bring up the user management interface:
From this screen, the administrator can:
Adding a new user
To add a new user, the administrator selects Create User, which brings up this dialogue box:
The administrator can ask the system to generate a strong password, or choose one arbitrarily. An eye icon shows or hides the password. Selecting the Administrator checkbox will grant the user the ability to administer other users, add models, and do other system-wide configuration tasks.
Modifying a user
Clicking on one of the Pencil icons will bring up a dialogue that allows the administrator to change that user's display name and/or change their password. It can also be used to grant/deny administrator access. The dialogue is identical to the new user interface, except that the user's login ID (typically their email address) cannot be changed.
Deleting a user
The trash can icon deletes a user. The system presents a confirmation dialogue before executing the change:
What a non-administrative user sees
When a non-administrative user clicks on the person icon, they have the option of selecting "My Profile" to manage their password and display name.
The My Profile page is pretty basic. It has a field for changing the user's display name (seen by other users) and password. To change their password they must provide the current one. The new password can be typed in manualy, or automatically generated.
API additions
This PR adds the following new backend endpoints:
api/v1/auth/me-- get/update currently logged-in user's info (GET/PATCH)api/v1/auth/generate-password-- generate a strong passwordapi/v1/auth/users-- List users (GET)api/v1/auth/users-- Create a new user (POST)api/v1/auth/users/{user_id}-- get/update/delete a user (GET/PATCH/POST)The first endpoint requires an authentication token matching the ID of the user whose information is being requested. The last three endpoints require a token that grants administrative privileges.
Related Issues / Discussions
There are a few more planned short-term improvements to the multiuser feature. They are:
QA Instructions
Log in as an administrative user and confirm that you can:
Log in as a non-administrative user and confirm that you can:
Merge Plan
Checklist
What's Newcopy (if doing a release after this PR)