Documentation ¶
Index ¶
- type Account
- func (a Account) Gid() string
- func (a Account) GroupIDs() ([]string, error)
- func (a Account) Groups() []authentication.Group
- func (a Account) HomeDir() string
- func (a Account) Metadata() map[string]interface{}
- func (a Account) Name() string
- func (a Account) Permissions() *gossh.Permissions
- func (a Account) Uid() string
- func (a Account) Username() string
- type Static
- type StaticPublicKeyProvider
- type User
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Account ¶
type Account struct { // The ID for the user to be identified with. If empty, UUID will be generated at provision-time. ID string `json:"id,omitempty"` // A user's username. Uname string `json:"name"` // The user's hashed password, base64-encoded. Password string `json:"password"` // The user's password salt, base64-encoded; for // algorithms where external salt is needed. Salt string `json:"salt,omitempty"` // The $HOME directory of the user. If empty, the app defaults to `C:\Users\Public` on Windows and `/var/empty` otherwise. Home string `json:"home,omitempty"` // Additional metadata for the user Custom map[string]interface{} `json:"custom,omitempty"` // contains filtered or unexported fields }
Account contains a username, password, and salt (if applicable).
func (Account) Groups ¶
func (a Account) Groups() []authentication.Group
collects and returns the user groups as values implementing the authentication.Group interface
func (Account) HomeDir ¶
HomeDir returns the custom $HOME if defined in the "home" JSON field, otherwise defaults to `C:\Users\Public` on Windows and `/var/empty` on *nix
func (Account) Metadata ¶
returns any custom metadata defined in the user record in the "custom" JSON field
func (Account) Permissions ¶
func (a Account) Permissions() *gossh.Permissions
returns the permission set of the user
type Static ¶
type Static struct { // The algorithm with which the passwords are hashed. Default: bcrypt HashRaw json.RawMessage `json:"hash,omitempty" caddy:"namespace=http.authentication.hashes inline_key=algorithm"` // The list of accounts to authenticate. Accounts []Account `json:"accounts,omitempty"` // contains filtered or unexported fields }
func (Static) AuthenticateUser ¶
func (up Static) AuthenticateUser(sshctx session.ConnMetadata, password []byte) (authentication.User, bool, error)
AuthenticateUser in the Static authentication provider looks up the user in the in-memory map and checks for match in the password hash. If successful, the method returns the user account as an implementation of authentication.User and true; otherwise, the method returns empty account value, false, and an error.
func (Static) CaddyModule ¶
func (Static) CaddyModule() caddy.ModuleInfo
This method indicates that the type is a Caddy module. The returned ModuleInfo must have both a name and a constructor function. This method must not have any side-effects.
type StaticPublicKeyProvider ¶
type StaticPublicKeyProvider struct { // the user list along ith their keys sources Users []User `json:"users,omitempty"` // contains filtered or unexported fields }
func (StaticPublicKeyProvider) AuthenticateUser ¶
func (pk StaticPublicKeyProvider) AuthenticateUser(ctx session.ConnMetadata, pubkey gossh.PublicKey) (authentication.User, bool, error)
AuthenticateUser looks up the use in the in-memory map and grab the key to match against the presented key. It adds the key fingerprint in the extensions of the permissions, keyed with "pubkey-fp".
func (StaticPublicKeyProvider) CaddyModule ¶
func (StaticPublicKeyProvider) CaddyModule() caddy.ModuleInfo
This method indicates that the type is a Caddy module. The returned ModuleInfo must have both a name and a constructor function. This method must not have any side-effects.
func (*StaticPublicKeyProvider) Provision ¶
func (pk *StaticPublicKeyProvider) Provision(ctx caddy.Context) error
Provision loads up the users' keys from the named sources, which may be https? or file. TODO: modularize the source to allow arbitrary sources, e.g. Hashicorp Vault
type User ¶
type User struct { // the login username identifying the user Username string `json:"username"` // url to the location, e.g. file:///path/to/file or https://github.com/username.keys Keys []string `json:"keys,omitempty"` // contains filtered or unexported fields }