Documentation

Overview

Package store implements a simple storage backend for whawty.auth password hash files. The schema of the whawty.auth password store can be found in the doc directory. If the environment contains the variable WHAWTY_AUTH_DEBUG logging will be enabled. By default whawty.auth doesn't log anything.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsFormatSupported

func IsFormatSupported(filename string) error

IsFormatSupported checks if the format of the hash file is supported

Types

type Dir

type Dir struct {
	BaseDir       string
	DefaultFormat string
	Scryptauth    struct {
		Contexts     map[uint]*scryptauth.Context
		DefaultCtxID uint
	}
}

Dir represents a directory containing a whawty.auth password hash store. Use NewDir to create it.

func NewDir

func NewDir(BaseDir string) (d *Dir)

NewDir creates a new whawty.auth store using BaseDir as base directory.

func NewDirFromConfig

func NewDirFromConfig(configfile string) (d *Dir, err error)

NewDirFromConfig creates a new whawty.auth store from yaml config file.

func (*Dir) AddUser

func (d *Dir) AddUser(user, password string, isAdmin bool) (err error)

AddUser adds user to the store. It is an error if the user already exists.

func (*Dir) Authenticate

func (d *Dir) Authenticate(user, password string) (isAuthenticated, isAdmin, upgradeable bool, lastchange time.Time, err error)

Authenticate checks if user and password are a valid combination. It also returns whether user is an admin, the password is upgradeable and when the password was last changed.

func (*Dir) Check

func (d *Dir) Check() error

Check tests if the directory is a valid whawty.auth base directory.

func (*Dir) Exists

func (d *Dir) Exists(user string) (exists bool, isAdmin bool, err error)

Exists checks if user exists. It also returns whether user is an admin.

func (*Dir) Init

func (d *Dir) Init(admin, password string) error

Init initializes the store by creating a password file for an admin user.

func (*Dir) List

func (d *Dir) List() (UserList, error)

List returns a list of all supported users in the store.

func (*Dir) ListFull

func (d *Dir) ListFull() (UserListFull, error)

ListFull returns a list of all users in the store. This includes users with unsupported hash formats.

func (*Dir) RemoveUser

func (d *Dir) RemoveUser(user string)

RemoveUser removes user from the store.

func (*Dir) SetAdmin

func (d *Dir) SetAdmin(user string, adminState bool) (err error)

SetAdmin changes the admin status of user. It is an error if the user does not exist.

func (*Dir) UpdateUser

func (d *Dir) UpdateUser(user, password string) (err error)

UpdateUser changes the password of user. It is an error if the user does not exist.

type User

type User struct {
	IsAdmin     bool      `json:"admin"`
	LastChanged time.Time `json:"lastchanged"`
}

User holds basic information about a specific user. This is used as the value type for UserList.

type UserFull

type UserFull struct {
	IsAdmin      bool      `json:"admin"`
	LastChanged  time.Time `json:"lastchanged"`
	IsValid      bool      `json:"valid"`
	IsSupported  bool      `json:"supported"`
	FormatID     string    `json:"formatid"`
	FormatParams string    `json:"formatparams"`
}

UserFull holds additional information about a specific user. This is used as the value type for UserListFull.

type UserHash

type UserHash struct {
	// contains filtered or unexported fields
}

UserHash is the representation of a single user hash file inside the store. Use NewUserHash to create it.

func NewUserHash

func NewUserHash(store *Dir, user string) (u *UserHash)

NewUserHash creates a new whawty.auth UserHash for user inside BaseDir.

func (*UserHash) Add

func (u *UserHash) Add(password string, isAdmin bool) error

Add creates the hash file. It is an error if the user already exists.

func (*UserHash) Authenticate

func (u *UserHash) Authenticate(password string) (isAuthenticated, isAdmin, upgradeable bool, lastchange time.Time, err error)

Authenticate checks the user password. It also returns whether user is an admin, the password is upgradable and when the password was last changed.

func (*UserHash) Exists

func (u *UserHash) Exists() (exists bool, isAdmin bool, err error)

Exists checks if user exists. It also returns whether user is an admin. This returns true even if the user's hash file format is not supported

func (*UserHash) Remove

func (u *UserHash) Remove()

Remove deletes hash file.

func (*UserHash) SetAdmin

func (u *UserHash) SetAdmin(adminState bool) error

SetAdmin changes the admin status of user.

func (*UserHash) Update

func (u *UserHash) Update(password string) error

Update changes the password for user.

type UserList

type UserList map[string]User

UserList is the return value of List(). The key of the map is the username.

type UserListFull

type UserListFull map[string]UserFull

UserListFull is the return value of ListFull(). The key of the map is the username.