[#119] Username/password file implementation

Sam Habiel requested to merge shabiel/YDB-Web-Server:mws119-file-unpw into master

This commit implements using a file to pre-load usernames, passwords and authorizations into the web server. Passwords are always stored hashed, except when they are initially created by the user. The user also can use the previously existing option --auth-stdin to create that file. See the updated documentation for operational details.

In this commit, in order to focus on the actual operational details, password hashing is done using the command line utility mkpasswd. A future commit will add libsodium integration. The hash used with mkpasswd is sha512 with a salt of the padded user name and an iteration count of 1,000,000. I tried using scrypt and bcrypt, but they either failed to produce the same hash on different tries, or were not implemented at the libcrypt level. That's why I fell back to a more primitive password hash for now. CMakeLists.txt checks for the presence of mkpasswd, and the Dockerfile installs the whois package which (oddly) contains mkpasswd.

The unsecure ydbgui_users environment variable (used previously for testing) has now been removed as we now have a secure way of supplying users for testing.

New Tests for failure cases:

  • tusersNoFile
  • tusersInvalidJSON
  • tusersValidJSONInvalidKeys

Version incremented from 3.0.0 to 3.1.0.

Edited by Sam Habiel
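
The description mentions scrypt and bcrypt giving a different hash on each try. Assuming that came from a fresh random salt per invocation (the page does not say), this added example, which is not code from the merge request, shows how a salted hash kept in a users file is checked by re-deriving with the stored salt instead of re-hashing and comparing strings. It uses Python's `hashlib.scrypt` in place of `mkpasswd`; the record format, function names and cost parameters are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os

# Constructed cost parameters for this example; they are not from the merge request.
N, R, P, DKLEN = 2**14, 8, 1, 32
MAXMEM = 64 * 1024 * 1024  # upper bound on scrypt memory, also limits hostile records


def _b64(data):
    return base64.b64encode(data).decode("ascii")


def hash_password(password, salt=None):
    """Return 'scrypt$N$r$p$salt$hash'. A fresh random salt is drawn unless one is passed."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P,
                        dklen=DKLEN, maxmem=MAXMEM)
    return "$".join(["scrypt", str(N), str(R), str(P), _b64(salt), _b64(dk)])


def verify_password(password, stored):
    """Re-derive with the salt and costs kept in the record, then compare in constant time."""
    try:
        scheme, n, r, p, salt_b64, hash_b64 = stored.split("$")
        if scheme != "scrypt":
            return False
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(hash_b64, validate=True)
        dk = hashlib.scrypt(password.encode(), salt=salt, n=int(n), r=int(r),
                            p=int(p), dklen=len(expected), maxmem=MAXMEM)
    except (ValueError, OverflowError):
        return False  # malformed record or parameters outside the memory bound
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    first = hash_password("s3cret")    # constructed sample password
    second = hash_password("s3cret")
    print(first != second)                     # random salts: the strings differ
    print(verify_password("s3cret", first))    # yet both records verify
    print(verify_password("s3cret", second))
    print(verify_password("wrong", first))
```
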
