fix(deps): refactor StaticCredentialStore initialization

Refactored StaticCredentialStore to use a struct with a map instead
of a plain map, adding methods for better encapsulation. Updated
credentials handling for proper initialization and improved password
storage using bcrypt hashing.

nanoproxy.go

@@ -31,14 +31,17 @@ func main() {
 		time.Local = loc
 	}
 
-	credentials := credential.StaticCredentialStore{}
-	for _, cred := range cfg.Credentials {
-		credArr := strings.Split(cred, ":")
-		if len(credArr) != 2 {
-			logger.Fatal().Msgf("Invalid credential: %s", cred)
+	var credentials credential.Store
+	if len(cfg.Credentials) > 0 {
+		credentials := credential.NewStaticCredentialStore()
+		for _, cred := range cfg.Credentials {
+			credArr := strings.Split(cred, ":")
+			if len(credArr) != 2 {
+				logger.Fatal().Msgf("Invalid credential: %s", cred)
+			}
+
+			credentials.Add(credArr[0], credArr[1])
 		}
-
-		credentials[credArr[0]] = credArr[1]
 	}
 
 	dnsResolver := &resolver.DNSResolver{}
@@ -77,7 +80,7 @@ func main() {
 		}()
 	}
 
-	if len(credentials) > 0 {
+	if len(cfg.Credentials) > 0 {
 		authenticator := &socks5.UserPassAuthenticator{
 			Credentials: credentials,
 		}

pkg/credential/credentials.go

@@ -8,10 +8,27 @@ type Store interface {
 	Valid(user, password string) bool
 }
 
-type StaticCredentialStore map[string]string
+type StaticCredentialStore struct {
+	store map[string]string
+}
+
+func NewStaticCredentialStore() *StaticCredentialStore {
+	return &StaticCredentialStore{
+		store: make(map[string]string),
+	}
+}
+
+func (s StaticCredentialStore) Add(user, password string) {
+	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	if err != nil {
+		return
+	}
+
+	s.store[user] = string(hash)
+}
 
 func (s StaticCredentialStore) Valid(user, password string) bool {
-	pass, ok := s[user]
+	pass, ok := s.store[user]
 	if !ok {
 		return false
 	}