How to change admin username and password in JHipster generated code?

Question

I want change the admin default username and password in my JHipster code. How to set a new one?

Answer 1

You can change the credentials of any default user by following the steps mentioned below:

1. Run the frontend and backend application
2. Access the frontend application and login with the user whose credentials you want to update
3. Navigate to the Password section under Accounts dropdown on top right in the top menu bar
4. Update your password
5. Access the database and copy the hashed password string
6. In backend application, locate users.csv file which can be found under the following directory: src/main/resources/config/liquibase/data/users.csv
7. Replace the copied hashed password string with the one in file against that particular user whose password you just changes

Answer 2

You can change/initialize your password with following steps:

Open UserServiceIntTest.java generated by JHipster(or any other test annotated with @SpringBootTest in your project), add following to your XXXTest.java

import org.springframework.security.crypto.password.PasswordEncoder;
...
@Autowired
private PasswordEncoder passwordEncoder;

@Test
public void testPasswordEncoder() {
    // replace "Abcd1234" with your passord
    String hash = passwordEncoder.encode("Abcd1234");
    System.out.println(hash);
}

Copy the generated hash to admin entry of src/main/resources/config/liquibase/users.csv

Compile and restart your application, now you can login with your new password.

Answer 3

As @jperis told in comments, the database is seeded with initial data from src/main/resources/config/liquibase/users.csv (or src/main/resources/config/mongeeze/users.xml in case of MongoDB), so you need to change the admin username and password there.

However, passwords are stored hashed and salted in the database, so there's no easy way to generate a new valid password record manually.

The workaround is to let JHipster update the passwords as @sdoxsee suggested and extract them from the database:

1. Run the generated application
2. Login as admin
3. Change the password from the Password page
4. Access the database and copy the updated password
   • If you chose the H2 database for development, you can open its console at http://localhost:8080/h2-console
5. Paste it to users.csv replacing admin password, optionally change admin username
6. Change the system user password similarly and remove user row

UPDATE

See this JHipster password change utility proposal.

Answer 4

What I've usually done is 1) run the generated application, 2) login as admin (with the default password) 3) change the password for the admin user from the 'Password' page

You probably don't want your real admin password in your source code even if isn't plaintext. Using the approach I suggest above, your new password will only be accessible in your database (and it will be non-plaintext)