Documentation ¶
Overview ¶
Package auth implements authentication services for chasquid.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecodeResponse ¶
DecodeResponse decodes a plain auth response.
It must be a a base64-encoded string of the form:
<authorization id> NUL <authentication id> NUL <password>
https://tools.ietf.org/html/rfc4954#section-4.1.
Either both ID match, or one of them is empty. We expect the ID to be "user@domain", which is NOT an RFC requirement but our own.
Types ¶
type Authenticator ¶
type Authenticator struct { // Fallback backend, to use when backends[domain] (which may not exist) // did not yield a positive result. // Note that this backend gets the user with the domain included, of the // form "user@domain". Fallback Backend // How long Authenticate calls should last, approximately. // This will be applied both for successful and unsuccessful attempts. // We will increase this number by 0-20%. AuthDuration time.Duration // contains filtered or unexported fields }
Authenticator tracks the backends for each domain, and allows callers to query them with a more practical API.
func NewAuthenticator ¶
func NewAuthenticator() *Authenticator
NewAuthenticator returns a new Authenticator with no backends.
func (*Authenticator) Authenticate ¶
func (a *Authenticator) Authenticate(user, domain, password string) (bool, error)
Authenticate the user@domain with the given password.
func (*Authenticator) Exists ¶
func (a *Authenticator) Exists(user, domain string) (bool, error)
Exists checks that user@domain exists.
func (*Authenticator) Register ¶
func (a *Authenticator) Register(domain string, be Backend)
Register a backend to use for the given domain.
func (*Authenticator) Reload ¶
func (a *Authenticator) Reload() error
Reload the registered backends.
type Backend ¶
type Backend interface { Authenticate(user, password string) (bool, error) Exists(user string) (bool, error) Reload() error }
Backend is the common interface for all authentication backends.
func WrapNoErrorBackend ¶
func WrapNoErrorBackend(be NoErrorBackend) Backend
WrapNoErrorBackend wraps a NoErrorBackend, converting it into a valid Backend. This is normally used in Auth.Register calls, to register no-error backends.
type NoErrorBackend ¶
type NoErrorBackend interface { Authenticate(user, password string) bool Exists(user string) bool Reload() error }
NoErrorBackend is the interface for authentication backends that don't need to emit errors. This allows backends to avoid unnecessary complexity, in exchange for a bit more here. They can be converted to normal Backend using WrapNoErrorBackend (defined below).