allows for multiple user logins along with live config file reading

src/node/hooks/express/webaccess.js

@@ -24,10 +24,14 @@ exports.basicAuth = function (req, res, next) {
   // If a password has been set and auth headers are present...
   if (pass && req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {
     // ...check login and password
-    if (new Buffer(req.headers.authorization.split(' ')[1], 'base64').toString() === pass) {
+    var userLogin = new Buffer(req.headers.authorization.split(' ')[1], 'base64').toString();
+    settings.readConfig();
+    for (var loginIndex in pass) {
+      if (userLogin === pass[loginIndex]) {
         return next();
       }
     }
+  }
   // Do not require auth for static paths...this could be a bit brittle
   else if (req.path.match(/^\/(static|javascripts|pluginfw)/)) {
     return next();

src/node/utils/Settings.js

@@ -103,6 +103,8 @@ exports.abiwordAvailable = function()
   }
 }
 
+exports.readConfig = function()
+{
 // Discover where the settings file lives
 var settingsFilename = argv.settings || "settings.json";
 if (settingsFilename.charAt(0) != '/') {
@@ -149,3 +151,6 @@ for(var i in settings)
     console.warn("This setting doesn't exist or it was removed");
   }
 }
+}
+
+exports.readConfig();