From e929a6a1f333f2bc3e1cf5e0779313465cb8eb9c Mon Sep 17 00:00:00 2001
From: Thomas Ruoff <ThomasRuoff@gmail.com>
Date: Tue, 24 Nov 2020 00:09:41 +0100
Subject: [PATCH] read password from env

---
 lib/authenticate.ts | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/authenticate.ts b/lib/authenticate.ts
index 8f451f4..9df5003 100644
--- a/lib/authenticate.ts
+++ b/lib/authenticate.ts
@@ -1,3 +1,5 @@
+const ADMIN_PASSWORD = process.env.ADMIN_PASSWORD
+
 export function authenticateAdmin({
   username,
   password,
@@ -9,8 +11,11 @@ export function authenticateAdmin({
     return false
   }
 
-  // FIXME: move at least to env variable
-  if (password !== 'secret') {
+  if (!ADMIN_PASSWORD) {
+    throw new Error('ADMIN_PASSWORD not set. Login disabled!')
+  }
+
+  if (password !== ADMIN_PASSWORD) {
     return false
   }