[GH-ISSUE #123] [feature request] Allow the use of hashed passwords. #99

New issue

Closed

opened 2026-02-26 05:31:19 +03:00 by kerem · 3 comments

kerem commented

2026-02-26 05:31:19 +03:00

Owner

Originally created by @LaKing on GitHub (Aug 6, 2014).
Original GitHub issue: https://github.com/NarrativeScience-old/log.io/issues/123

To integrate log.io properly into my project, I would need authentication against a hashed password in the web_server.conf.

lib/server.js line 367?

Originally created by @LaKing on GitHub (Aug 6, 2014). Original GitHub issue: https://github.com/NarrativeScience-old/log.io/issues/123 To integrate log.io properly into my project, I would need authentication against a hashed password in the web_server.conf. lib/server.js line 367?

kerem closed this issue

2026-02-26 05:31:19 +03:00

kerem commented

2026-02-26 05:31:20 +03:00

Author

Owner

@msmathers commented on GitHub (Aug 7, 2014):

What hashing algorithm are you planning to use? If we can all agree on sha1, then we could add an additional parameter to the auth parameter to indicate this. So the new config could look something like:

'auth': {
  'user': 'msmathers',
  'password': '7aaeed81834c2ace6b22bd92320d6d40bb6f814e',
  'sha1': True
}

@msmathers commented on GitHub (Aug 7, 2014): What hashing algorithm are you planning to use? If we can all agree on sha1, then we could add an additional parameter to the `auth` parameter to indicate this. So the new config could look something like: ``` 'auth': { 'user': 'msmathers', 'password': '7aaeed81834c2ace6b22bd92320d6d40bb6f814e', 'sha1': True } ```

kerem commented

2026-02-26 05:31:20 +03:00

Author

Owner

@LaKing commented on GitHub (Aug 7, 2014):

We can go with sha1, sha512, or even md5. I picked sha512 for etherpad (ep_hash_auth), but actually the hash type and the hash digest can be easily passed over as parameter too, so only the default is something we should agree on.

'auth': {
  'user': 'msmathers',
  'hash': '7aaeed81834c2ace6b22bd92320d6d40bb6f814e',
  'hash_type': 'sha1'
  'hash_digest': 'hex'
}

The code needs extension with something like this.

var crypto = require('crypto');

var hash_typ = "sha512";
var hash_dig = "hex";

if (config.hash) {
    if (config.hash_typ) hash_typ = config.hash_typ;
    if (config.hash_dig) hash_dig = config.hash_dig;
}
..
// submitted password in login process
var hash_pass = crypto.createHash(hash_typ).update(password).digest(hash_dig);

// if hash_pass == config.hash then user is authenticated.

@LaKing commented on GitHub (Aug 7, 2014): We can go with sha1, sha512, or even md5. I picked sha512 for etherpad (ep_hash_auth), but actually the hash type and the hash digest can be easily passed over as parameter too, so only the default is something we should agree on. ``` 'auth': { 'user': 'msmathers', 'hash': '7aaeed81834c2ace6b22bd92320d6d40bb6f814e', 'hash_type': 'sha1' 'hash_digest': 'hex' } ``` The code needs extension with something like this. ``` var crypto = require('crypto'); var hash_typ = "sha512"; var hash_dig = "hex"; if (config.hash) { if (config.hash_typ) hash_typ = config.hash_typ; if (config.hash_dig) hash_dig = config.hash_dig; } .. // submitted password in login process var hash_pass = crypto.createHash(hash_typ).update(password).digest(hash_dig); // if hash_pass == config.hash then user is authenticated. ```

kerem commented

2026-02-26 05:31:20 +03:00

Author

Owner

@msmathers commented on GitHub (Jan 16, 2020):

v0.4x removes support for auth in the log.io server. We currently recommend using an nginx reverse proxy to add authentication in front of the log.io server. The following recipe seems to work for most people: https://stackoverflow.com/a/29232687

@msmathers commented on GitHub (Jan 16, 2020): v0.4x removes support for auth in the log.io server. We currently recommend using an nginx reverse proxy to add authentication in front of the log.io server. The following recipe seems to work for most people: https://stackoverflow.com/a/29232687