User management
You can manage users for HTTP authentication in SVR.JS by using svrpasswd.js tool (SVR.JS 3.0.0 or newer). Usage is node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-x] [-a|--add|-d|--delete] <username>
. Command-line options:
- -h, -?, /h, /? or —help - displays help
- -a or —add - adds an user
- -d or —delete - deletes an user
- -x - forces password hashing algorithm change
In SVR.JS 3.7.0 and newer, you can choose between 3 password hashing algorithms:
- Salted SHA256 (1 iteration) - fastest and uses least memory, but less secure
- PBKDF2 (PBKDF2-HMAC-SHA512, 36250 iterations) - more secure and uses less memory, but slower
- scrypt (N=214, r=8, p=1) - faster and more secure, but uses more memory