User credentials should not be stored in server_config.json #1206

@mssalvatore

Description

User credentials (username and password hash) for Monkey Island are not options that the user is expected to manually configure. Rather, they represent inputs to the authentication system. Because they are stored in server_config.json, the server_config.json file must be stored in a writable location, which adds some undesired complexity:

```python
import os
from typing import Tuple

# server_config_handler, create_secure_directory, IslandConfigOptions and the
# DEFAULT_* constants are Monkey Island's own modules and constants.


def setup_config_by_cmd_arg(server_config_path) -> Tuple[IslandConfigOptions, str]:
    # The user-supplied path is expanded and loaded as-is; because credentials
    # live in this file, the path must be writable.
    server_config_path = os.path.expandvars(os.path.expanduser(server_config_path))
    config = server_config_handler.load_server_config_from_file(server_config_path)
    create_secure_directory(config.data_dir, create_parent_dirs=True)
    return config, server_config_path


def setup_default_config() -> Tuple[IslandConfigOptions, str]:
    # With no path given, a default config file is written to the data
    # directory before it is loaded, again only because it has to be writable.
    server_config_path = DEFAULT_SERVER_CONFIG_PATH
    create_secure_directory(DEFAULT_DATA_DIR, create_parent_dirs=False)
    server_config_handler.create_default_server_config_file()
    config = server_config_handler.load_server_config_from_file(server_config_path)
    return config, server_config_path
```

In addition, user credentials serve a markedly different purpose (access control) than other values in server_config.json (configuring the behavior of Monkey Island at runtime).

Store the user credentials in a separate file within data_dir/. Alternatively, consider storing the user credentials in MongoDB instead of a file.

Tasks

  • Create a new component that can store and retrieve user credentials. (0.25d) @mssalvatore
  • Modify the AuthenticationService to use the new component. Write unit tests that cover the AuthenticationService. (0d) @mssalvatore
  • Remove authentication code from Environment and EnvironmentConfig. (0d) @ilija-lazoroski
  • Update reset password procedure in the documentation (0.25d) @ilija-lazoroski
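An added example (not the project's code) of the separation this issue proposes: a component that keeps `username` and `password_hash` in their own 0600 file under data_dir/, and an AuthenticationService that depends only on that component, so server_config.json stays read-only. The names `UserCredentialsRepository`, `user_credentials.json`, `demo` and the `salt$hash` PBKDF2 layout are assumptions, and data_dir is assumed to already exist (created by create_secure_directory).

```python
import hashlib
import json
import os
import secrets
import tempfile
from pathlib import Path

def _hash(password: str, salt: bytes) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000).hex()

class UserCredentialsRepository:
    # Keeps the island user's credentials in their own file under data_dir/.
    def __init__(self, data_dir: Path):
        self._path = data_dir / "user_credentials.json"  # hypothetical file name
    def save(self, username: str, password_hash: str) -> None:
        # 0600 temp file beside the target, then an atomic rename over the old
        # file, so a crash never leaves a half-written credentials file behind.
        fd, tmp = tempfile.mkstemp(dir=self._path.parent, prefix=".creds-")
        with os.fdopen(fd, "w") as f:
            json.dump({"username": username, "password_hash": password_hash}, f)
        os.chmod(tmp, 0o600)
        os.replace(tmp, self._path)
    def load(self):
        if not self._path.exists():
            return None  # no credentials registered yet
        with open(self._path) as f:
            return json.load(f)

class AuthenticationService:
    # Talks only to the repository; server_config.json is never involved.
    def __init__(self, repo: UserCredentialsRepository):
        self._repo = repo
    def set_password(self, username: str, password: str) -> None:
        salt = secrets.token_bytes(16)  # random salt stored alongside the hash
        self._repo.save(username, f"{salt.hex()}${_hash(password, salt)}")
    def authenticate(self, username: str, password: str) -> bool:
        creds = self._repo.load()
        if creds is None or creds["username"] != username:
            return False
        salt_hex, digest = creds["password_hash"].split("$", 1)
        return secrets.compare_digest(_hash(password, bytes.fromhex(salt_hex)), digest)

def demo() -> dict:
    # Constructed run in a throwaway data_dir; returns the outcomes for checking.
    svc = AuthenticationService(UserCredentialsRepository(Path(tempfile.mkdtemp())))
    before = svc.authenticate("monkey", "s3cret")  # no credentials file yet
    svc.set_password("monkey", "s3cret")
    return {"before": before, "good": svc.authenticate("monkey", "s3cret"),
            "bad_pw": svc.authenticate("monkey", "wrong"),
            "bad_user": svc.authenticate("island", "s3cret")}
```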
