Documentation
¶
Index ¶
- Constants
- func CreatePasswordHash(password string, algo string, iterations uint) (hash string, err error)
- type Authenticator
- func (ah *Authenticator) SetPassword(username string, password string) error
- func (ah *Authenticator) Start() error
- func (ah *Authenticator) Stop()
- func (ah *Authenticator) VerifyPasswordHash(hash string, password string, algo string) bool
- func (ah *Authenticator) VerifyUsernamePassword(loginName string, password string) bool
- type IUnpwStore
- type VerifyUsernamePassword
Constants ¶
const ( PWHASH_ARGON2id = "argon2id" PWHASH_BCRYPT = "bcrypt" // fallback in case argon2i cannot be used )
supported password hashes
Variables ¶
This section is empty.
Functions ¶
func CreatePasswordHash ¶
CreatePasswordHash for the given password This creates the hash and does not update the store. See also VerifyPasswordHash The only two hashes allowed are argon2id and bcrypt, although argon2id is recommended
password to hash algo is the algorithm to use, PWHASH_ARGON2id (default) or PWHASH_BCRYPT iterations for argon2id, default is 10
Types ¶
type Authenticator ¶
type Authenticator struct {
// contains filtered or unexported fields
}
Authenticator manages client username/password authentication for access to Things
func NewAuthenticator ¶
func NewAuthenticator(unpwStore IUnpwStore) *Authenticator
NewAuthenticator creates a new instance of the authentication handler to update and verify user passwords.
unpwStore provides the functions to access the password store.
func (*Authenticator) SetPassword ¶
func (ah *Authenticator) SetPassword(username string, password string) error
SetPassword hashes the given password and stores it in the password store Returns if username or password are not provided
func (*Authenticator) Start ¶
func (ah *Authenticator) Start() error
Start the authhandler. This opens the password store. if no password store was provided this simply returns nil
func (*Authenticator) Stop ¶
func (ah *Authenticator) Stop()
Stop the auth handler and close the password store.
func (*Authenticator) VerifyPasswordHash ¶
func (ah *Authenticator) VerifyPasswordHash(hash string, password string, algo string) bool
VerifyPasswordHash verifies if the given hash matches the password This does not access the store
hash to verify password to verify against algo is the algorithm to use, PWHASH_ARGON2id or PWHASH_BCRYPT
returns true if the password matches the hash, or false on mismatch
func (*Authenticator) VerifyUsernamePassword ¶
func (ah *Authenticator) VerifyUsernamePassword(loginName string, password string) bool
VerifyUsernamePassword verifies if the given password is valid for login Returns true if valid, false if the user is unknown or the password is invalid
type IUnpwStore ¶
type IUnpwStore interface {
// Close the store
Close()
// GetPasswordHash returns the password hash for the user, or "" if the user is not found
GetPasswordHash(username string) string
// Open the store
Open() error
// SetPasswordHash writes and updates the password for the given user
// loginID is the login ID of the user whose hash to write
// hash is the calculated password hash to store. This is independent of the hashing algorithm.
// Returns error if the store isn't writable
SetPasswordHash(loginID string, hash string) error
}
IUnpwStore defined the interface for accessing the username-password store
type VerifyUsernamePassword ¶
VerifyUsernamePassword is an interface to verify username/password authentication
Source Files