Use htpasswd for credential storage

Review Request #10004 — Created June 6, 2018 and submitted — Latest diff uploaded

Information

rb-gateway
master
47a4fb7...

Reviewers

Previously we were hardcoding our username and password into our
config.json file, which isn't exactly secure, as the username +
password with both be lying around in memory constantly and it will be
available on disk in the event of an intrusion.

We now use an htpasswd file, for which the path is stored in
config.json.

Additionally, some HTTP errors have their verbosity reduced in the case
of internal errors (such as why we can't create a new token). These
errors are now logged instead

Ran go fmt ./...
Ran go test ./...

    Loading...