Encrypt passwords in DB (#1187)

* Encode/Encrypt passwords in DB * Only decrypts passwords if it is necessary * Add tests for encryption functions
2021-06-18 18:38:38 -04:00
parent d42dfafad4
commit 66b74c81f1
12 changed files with 302 additions and 7 deletions
@@ -20,6 +20,11 @@ const (
 	DefaultSessionTimeout  = 24 * time.Hour
 	CookieExpiry           = 365 * 24 * 3600 // One year

+	// DefaultEncryptionKey This is the encryption key used if none is specified in the `PasswordEncryptionKey` option
+	// Never ever change this! Or it will break all Navidrome installations that don't set the config option
+	DefaultEncryptionKey  = "just for obfuscation"
+	PasswordsEncryptedKey = "PasswordsEncryptedKey"
+
 	DevInitialUserName = "admin"
 	DevInitialName     = "Dev Admin"