bring password hash back

users want to have this instead cleartext password. Mitigates security issues.

src/lib/Server.js

@@ -1,5 +1,6 @@
 'use strict';
 
+const bcrypt = require('bcryptjs');
 const crypto = require('node:crypto');
 const { createServer } = require('node:http');
 const { stat, readFile } = require('node:fs/promises');
@@ -117,6 +118,15 @@ module.exports = class Server {
           return next();
         }
 
+        if (req.url.startsWith('/api/') && req.headers['authorization']) {
+          if (bcrypt.compareSync(req.headers['authorization'], bcrypt.hashSync(PASSWORD, 10))) {
+            return next();
+          }
+          return res.status(401).json({
+            error: 'Incorrect Password',
+          });
+        }
+
         return res.status(401).json({
           error: 'Not Logged In',
         });

src/package.json

@@ -13,6 +13,7 @@
   "author": "Emile Nijssen",
   "license": "CC BY-NC-SA 4.0",
   "dependencies": {
+    "bcryptjs": "^2.4.3",
     "debug": "^4.3.5",
     "express-session": "^1.18.0",
     "h3": "^1.11.1",