From e26d357ee7d6e689d098889de66d1c8c40482544 Mon Sep 17 00:00:00 2001
From: Carl Worth <cworth@cworth.org>
Date: Thu, 21 May 2020 07:11:53 -0700
Subject: [PATCH] Add a utility lmno-passwd.py

This is a convenience to help the admin generate user entries for the
configuration that include correctly hashed passwords.
---
 lmno-passwd.js | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 lmno-passwd.js

diff --git a/lmno-passwd.js b/lmno-passwd.js
new file mode 100644
index 0000000..d756eac
--- /dev/null
+++ b/lmno-passwd.js
@@ -0,0 +1,31 @@
+const bcrypt = require('bcrypt');
+
+/* The sigint:true property allows the user to abort the entire program
+ * with Control-C (rather than having to abort through each prompt).
+ */
+const prompt = require('prompt-sync')({
+  sigint: true
+});
+
+const username = prompt("Username: ");
+
+while (true) {
+  /* Use "echo:'*'" to avoid displaying the password while typing. */
+  var password = prompt("New password: ", {echo: '*'});
+  const password_again = prompt("Re-type new password: ", {echo: '*'});
+
+  if (password === password_again)
+    break;
+
+  console.log("Passwords do not match. Try again.");
+}
+
+const hash = bcrypt.hashSync(password, 12);
+
+console.log(`Add the following block to the 'users' object in lmno-config.js:
+
+    "${username}": {
+      "password_hash_bcrypt": "${hash}",
+      "role": "user"
+    }
+`);
-- 
2.43.0