Open meganuke20 opened 10 years ago
if you are using basic auth you can simply modify your basic-auth.js add these lines after "app.use(express.basicAuth/function/user, pass) {"
var crypto = require('crypto');
var hash = crypto.createHash('md5').update(pass).digest('hex');
replace "pass" with "hash"
function body should look like this
var crypto = require('crypto');
var hash = crypto.createHash('md5').update(pass).digest('hex');
for (var i in config.basic_auth_users) {
var cred = config.basic_auth_users[i];
if ((cred["user"] === user) && (cred["password"] === hash)){
return true;
}
}
return false;
now you have to store md5-hashes in your config file. I don't know if you have to add this for every authentification method or if there is a central point to edit, but this works for basic auth.
Please add perhaps set passwords in config file as hashes, analogy linux passwords encryption.