If we can't use bearer token based auth (or JWT), then we will need to store username/password combinations.
After discussions with @PeterAndrewBriscoe, we definitely don't want to store plaintext passwords. Some solution might be found in storing a combined username + password + salt in a file, which is then used to compared against the same hashed combination when users authenticate.
If we can't use bearer token based auth (or JWT), then we will need to store username/password combinations.
After discussions with @PeterAndrewBriscoe, we definitely don't want to store plaintext passwords. Some solution might be found in storing a combined
username + password + salt
in a file, which is then used to compared against the same hashed combination when users authenticate.Depends on progress (or lack thereof) on #19