From efd90ef64ad4f189361e49d37e88c3c30d7db305 Mon Sep 17 00:00:00 2001
From: Tyler Lugger <tlugger@n.io>
Date: Mon, 10 Sep 2018 14:42:22 -0600
Subject: [PATCH] Add new security module updates

---
 etc/permissions.json | 4 ++--
 etc/users.json       | 8 ++++----
 nio.conf             | 6 ++++++
 nio.conf.example     | 4 ++++
 4 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/etc/permissions.json b/etc/permissions.json
index 09d1ccf..4738537 100644
--- a/etc/permissions.json
+++ b/etc/permissions.json
@@ -1,5 +1,5 @@
 {
     "Admin": {
-      ".*": "rwx"
+        ".*": "rwx"
     }
-}
+}
\ No newline at end of file
diff --git a/etc/users.json b/etc/users.json
index c5b23f6..693c830 100644
--- a/etc/users.json
+++ b/etc/users.json
@@ -1,5 +1,5 @@
 {
-    "Admin": {"password": "QWRtaW4="},
-    "User": {"password": "VXNlcg=="},
-    "Guest": {"password": "R3Vlc3Q="}
-}
+    "Admin": {
+        "password": "$2b$12$W/OqAVeNxl0gXMAmtMbI8ums1mEetMXn5YmoLFLw2n1rGe4NciqTO"
+    }
+}
\ No newline at end of file
diff --git a/nio.conf b/nio.conf
index 9f29069..9d36e4a 100644
--- a/nio.conf
+++ b/nio.conf
@@ -60,3 +60,9 @@ ssl_certificate:
 ssl_private_key:
 # optional certificate chain
 ssl_certificate_chain:
+
+
+[security]
+# boolean to allow passwords to be stored as plain text or bcrypt hashes
+#
+allow_unhashed_passwords=false
diff --git a/nio.conf.example b/nio.conf.example
index 7c36534..2c35b38 100644
--- a/nio.conf.example
+++ b/nio.conf.example
@@ -409,6 +409,10 @@ subscriber_client_secret_cert=[[SUBSCRIBER_CLIENT_SECRET_CERT]]
 #
 #permissions=etc/permissions.json
 
+# boolean to allow passwords to be stored as plain text or bcrypt hashes
+#
+#allow_unhashed_passwords=true
+
 # [security.oauth]
 #
 ## json configuration that maps users to permissions - can point to a conf file