From 2aca34e488576146b7d946a4c5c8749bd9ee0222 Mon Sep 17 00:00:00 2001
From: "D. Berge" <dberge@aaltronav.eu>
Date: Sun, 11 Oct 2020 18:21:19 +0200
Subject: [PATCH] Read user login info from discrete file.

`$DOUGAL_ROOT/etc/users.yaml` to be exact.
---
 lib/www/server/api/middleware/auth/authentify.js |  4 ++--
 lib/www/server/api/middleware/user/login.js      |  2 +-
 lib/www/server/lib/config.js                     | 12 ++++++++++++
 3 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/lib/www/server/api/middleware/auth/authentify.js b/lib/www/server/api/middleware/auth/authentify.js
index c7205cd..b060fe6 100644
--- a/lib/www/server/api/middleware/auth/authentify.js
+++ b/lib/www/server/api/middleware/auth/authentify.js
@@ -4,7 +4,7 @@ const cfg = require('../../../lib/config');
 const jwt = require('../../../lib/jwt');
 
 async function authorisedIP (req, res) {
-	const validIPs = cfg.global.login.ip;
+	const validIPs = cfg._("global.users.login.ip") || {};
 	for (const key in validIPs) {
 		const block = new Netmask(key);
 		if (block.contains(req.ip)) {
@@ -19,7 +19,7 @@ async function authorisedIP (req, res) {
 }
 
 async function authorisedHost (req, res) {
-	const validHosts = cfg.global.login.host
+	const validHosts = cfg._("global.users.login.host") || {};
 	for (const key in validHosts) {
 		const ip = await dns.promises.resolve(key);
 		if (ip == req.ip) {
diff --git a/lib/www/server/api/middleware/user/login.js b/lib/www/server/api/middleware/user/login.js
index b2dc934..aea9aa5 100644
--- a/lib/www/server/api/middleware/user/login.js
+++ b/lib/www/server/api/middleware/user/login.js
@@ -9,7 +9,7 @@ async function login (req, res, next) {
 			const hash = crypto
 				.pbkdf2Sync(password, 'Dougal'+user, 10712, 48, 'sha512')
 				.toString('base64');
-			for (const credentials of cfg.global.login.user) {
+			for (const credentials of cfg._("global.users.login.user") || []) {
 				if (credentials.name == user && credentials.hash == hash) {
 					const payload = Object.assign({}, credentials);
 					delete payload.hash;
diff --git a/lib/www/server/lib/config.js b/lib/www/server/lib/config.js
index c1a93ce..b51c682 100644
--- a/lib/www/server/lib/config.js
+++ b/lib/www/server/lib/config.js
@@ -6,6 +6,7 @@ const YAML = require('yaml');
 const cfgPrefix = process.env.DOUGAL_ROOT || ((process.env.HOME || ".") + "/software");
 const cfgPath = process.env.DOUGAL_API_CONFIG || (cfgPrefix+"/etc/www/config.json");
 const globalCfgPath = cfgPrefix+"/etc/config.yaml";
+const usersCfgPath = cfgPrefix+"/etc/users.yaml";
 
 let config = {}
 
@@ -71,6 +72,17 @@ try {
 			config.global = YAML.parse(text);
 		}
 	}
+
+	if (fs.existsSync(usersCfgPath)) {
+		const text = fs.readFileSync(usersCfgPath, 'utf8');
+		if (text) {
+			if (!config.global) {
+				config.global = {};
+			}
+			config.global.users = YAML.parse(text);
+		}
+	}
+
 } catch (err) {
 	console.error(err);
 }