forked from mirrors/amnezia-wg-easy
feat: generate PASSWORD_HASH on the fly
* remove PASSWORD environment variable in favor of PASSWORD_HASH * enhance password validity check server function * update Dockerfile to include building a binary for generating hashed password * update README with comprehensive Docker usage instructions hash generation
This commit is contained in:
tetuaoro
parent
62ea932d33
commit
9a19430dc8
10 changed files with 458 additions and 12 deletions
|
|
@ -28,22 +28,18 @@ const {
|
|||
PORT,
|
||||
WEBUI_HOST,
|
||||
RELEASE,
|
||||
PASSWORD,
|
||||
PASSWORD_HASH,
|
||||
LANG,
|
||||
UI_TRAFFIC_STATS,
|
||||
UI_CHART_TYPE,
|
||||
} = require('../config');
|
||||
|
||||
const requiresPassword = !!PASSWORD || !!PASSWORD_HASH;
|
||||
const requiresPassword = !!PASSWORD_HASH;
|
||||
|
||||
/**
|
||||
* Checks if `password` matches the PASSWORD_HASH.
|
||||
*
|
||||
* For backward compatibility it also allows `password` to match the clear text PASSWORD,
|
||||
* but only if no PASSWORD_HASH is provided.
|
||||
*
|
||||
* If both enviornment variables are not set, the password is always invalid.
|
||||
* If environment variable is not set, the password is always invalid.
|
||||
*
|
||||
* @param {string} password String to test
|
||||
* @returns {boolean} true if matching environment, otherwise false
|
||||
|
|
@ -56,9 +52,6 @@ const isPasswordValid = (password) => {
|
|||
if (PASSWORD_HASH) {
|
||||
return bcrypt.compareSync(password, PASSWORD_HASH);
|
||||
}
|
||||
if (PASSWORD) {
|
||||
return password === PASSWORD;
|
||||
}
|
||||
|
||||
return false;
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue