Encrypt passwords in DB (#1187)

* Encode/Encrypt passwords in DB * Only decrypts passwords if it is necessary * Add tests for encryption functions
2021-06-18 18:38:38 -04:00
parent d42dfafad4
commit 66b74c81f1
12 changed files with 302 additions and 7 deletions
@@ -50,6 +50,7 @@ type configOptions struct {
 	EnableLogRedacting     bool
 	AuthRequestLimit       int
 	AuthWindowLength       time.Duration
+	PasswordEncryptionKey  string
 	ReverseProxyUserHeader string
 	ReverseProxyWhitelist  string

@@ -202,6 +203,7 @@ func init() {
 	viper.SetDefault("enablelogredacting", true)
 	viper.SetDefault("authrequestlimit", 5)
 	viper.SetDefault("authwindowlength", 20*time.Second)
+	viper.SetDefault("passwordencryptionkey", "")

 	viper.SetDefault("reverseproxyuserheader", "Remote-User")
 	viper.SetDefault("reverseproxywhitelist", "")