xTuple uses the PostgreSQL driver
libpq to connect to the database, and as such it follows the same behaviors that
libpq has, one of which that it supports reading from the
.pgpass file if you have one on your computer, detailed here https://www.postgresql.org/docs/11/libpq-pgpass.html, so if you have saved your username and password in something that uses the
.pgpass, such as pgAdmin, xTuple will be able to read that file and can sign in as you as long as the server name matches. This includes being able to leave off both the username and password as long as they can be read from that file.
.pgpass doesn’t exist,
libpq will assume the currently logged in user as the username, so if you are logged in to your OS as
bekosko and hit login in xTuple, it will assume that as the username even if you don’t enter it. If that is the same as in PostgreSQL, it can match what is in
.pgpass and sign in that way.
Lastly, PostgreSQL has a file on the server
pg_hba.conf, which is what controls access to the server and databases based on host lines https://www.postgresql.org/docs/current/auth-pg-hba-conf.html this can be configured with the
trust, which as it sounds will allow any connection that matches this line in the
pg_hba.conf in without a password if you told it too.
As a best practice, avoid using
trust lines in
pg_hba.conf except under limited instances where you may be granting access to a specific individual computer for purposes such as backup or ETL or something, if you want to make your life easier on sign in use the
.pgpass file locally on your computer but protect it as it will contain the password in plain text.