Added the ability to accept encrypted passwords (#487)

* Added the ability to accept encrypted passwords

* Updated readme

* Updated README to include a link to a bcrypt tool

Author: dvanwinkle

Parse-Dashboard/app.js

@@ -86,16 +86,18 @@ module.exports = function(config, allowInsecureHTTP) {
     }
 
     let appsUserHasAccess = null;
+    let bcrypt = require('bcryptjs');
 
     const successfulAuth =
       //they provided auth
       auth &&
       //there are configured users
       users &&
       //the provided auth matches one of the users
-       users.find(user => {
+      users.find(user => {
         let isAuthorized = user.user == auth.name &&
-                            user.pass == auth.pass
+                          (user.pass == auth.pass ||
+                           bcrypt.compareSync(auth.pass, user.pass));
         if (isAuthorized) {
           // User restricted apps
           appsUserHasAccess = user.apps

README.md

@@ -234,6 +234,8 @@ You can configure your dashboard for Basic Authentication by adding usernames an
 }
 ```
 
+You can store the password in either `plain text` or `bcrypt` formats. You can encrypt the password using any online bcrypt tool e.g. [https://www.bcrypt-generator.com](https://www.bcrypt-generator.com).
+
 ### Separating App Access Based on User Identity
 If you have configured your dashboard to manage multiple applications, you can restrict the management of apps based on user identity.
 

package.json

@@ -36,7 +36,8 @@
     "commander": "^2.9.0",
     "express": "^4.13.4",
     "json-file-plus": "^3.2.0",
-    "package-json": "^2.3.1"
+    "package-json": "^2.3.1",
+    "bcryptjs": "^2.3.0"
   },
   "devDependencies": {
     "babel-core": "~5.8.12",