From a2b7218792e1ec87a1ea5b10dedc9fb3612aeaf9 Mon Sep 17 00:00:00 2001
From: admtracksteel <admtracksteel@gmail.com>
Date: Wed, 25 Mar 2026 11:45:54 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=90=20Security:=20Atualizada=20senha?=
 =?UTF-8?q?=20de=20acesso=20do=20VaultUI?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server.js | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/server.js b/server.js
index 273d5be..0094712 100644
--- a/server.js
+++ b/server.js
@@ -11,6 +11,24 @@ const KEYS_HTML_PATH = path.join(__dirname, 'index.html');
 
 app.use(express.json());
 
+// Autenticação básica simples
+const auth = (req, res, next) => {
+    const authHeader = req.headers.authorization;
+    if (!authHeader) {
+        res.setHeader('WWW-Authenticate', 'Basic realm="VaultUI"');
+        return res.status(401).send('Autenticação necessária');
+    }
+    const [user, pass] = Buffer.from(authHeader.split(' ')[1], 'base64').toString().split(':');
+    if (user === 'tracksteel' && pass === '@@Gi05Br;;') {
+        next();
+    } else {
+        res.setHeader('WWW-Authenticate', 'Basic realm="VaultUI"');
+        return res.status(401).send('Credenciais inválidas');
+    }
+};
+
+app.use(auth);
+
 // Rota para servir o app
 app.get('/', (req, res) => {
     res.sendFile(KEYS_HTML_PATH);