[mirotalksfu] - allow multi users secure access to protected host

app/src/Server.js

@@ -92,6 +92,7 @@ const host = 'https://' + 'localhost' + ':' + config.server.listen.port; // conf
 
 const hostCfg = {
     protected: config.host.protected,
+    users: config.host.users,
     username: config.host.username,
     password: config.host.password,
     authenticated: !config.host.protected,
@@ -345,7 +346,9 @@ function startServer() {
             let ip = getIP(req);
             log.debug(`Request login to host from: ${ip}`, req.body);
             const { username, password } = checkXSS(req.body);
-            if (username == hostCfg.username && password == hostCfg.password) {
+            const isValidUser =
+                hostCfg.users && hostCfg.users.some((user) => user.username === username && user.password === password);
+            if (isValidUser) {
                 hostCfg.authenticated = true;
                 authHost = new Host(ip, true);
                 log.debug('LOGIN OK', { ip: ip, authorized: authHost.isAuthorized(ip) });

app/src/config.template.js

@@ -38,13 +38,22 @@ module.exports = {
     },
     host: {
         /*
-            Host Protection (default False)
-            In order to protect your host set 
-            hostProtected to true and set your own Username and Password
+            Host Protection (default: false)
+            To enhance host security, enable host protection and provide valid
+            usernames and passwords in the users array.
         */
         protected: false,
-        username: 'username',
-        password: 'password',
+        users: [
+            {
+                username: 'username',
+                password: 'password',
+            },
+            {
+                username: 'username2',
+                password: 'password2',
+            },
+            //...
+        ],
     },
     presenters: [
         /*