README
¶
authlite
A lightweight, non-critical authorization library that stores data in CSV files.
authlite is a simple, lightweight authorization library for small systems
that don't need enterprise-grade security. It will store (and test)
username/password combinations, and also issue (and test) temporary
user-specific "session keys". It stores usernames and hashed passwords, as
well as issued session keys in plain text (.csv files).
All access to shared state is protected appropriately by mutices, so the
library is thread-safe, except for the call to Configure(). I feel like
this is reasonable; Configure() should only be called once at the very
beginning of your program. If you need to reconfigure authlite in the
middle of your program, you'll either need to stop all other threads that
use it, or add some mutex dancing to this function yourself.
The code is pretty well commented, and godoc produces useful information.
See the test.conf file for an example configuration file (and explanation
of the configuration options).
Documentation
¶
Overview ¶
authlite.go
A lightweight, non-critical authorization library that stores its data in CSV files.
https://github.com/d2718/authlite
2019-11-14
Index ¶
- Constants
- Variables
- func AddUser(uname, pwd string) error
- func CheckAndRefreshKey(uname, keystr string) (bool, error)
- func CheckKey(uname, keystr string) (bool, error)
- func CheckPassword(uname, pwd string) (bool, error)
- func CheckPasswordAndIssueKey(uname, pwd string) (string, error)
- func Configure(cfg_path string) error
- func CullOldKeys()
- func DeleteUser(uname string) error
- func FlushKeys() error
- func FlushUsers() error
- func KeysDirty() bool
- func LoadKeys() error
- func LoadUsers() error
- func UsersDirty() bool
Constants ¶
const DEBUG bool = false
Variables ¶
Functions ¶
func AddUser ¶
AddUser() adds a user with the supplied user name and password. Will return ErrUserExists if the supplied user name already exists. Sets the user data to "dirty" on success.
func CheckAndRefreshKey ¶
CheckAndRefreshKey() checks whether the supplied key has been issued to the supplied username and has not expired; returns appropriate error if not. If the username/key combo is good, the key's expiry time will be reset (to now + key_lifetime), and key data will be set to "dirty".
func CheckKey ¶
CheckKey() Checks to see whether the supplied key has been issued to the supplied username and has not expired. Returns ErrBadKey on failure.
func CheckPassword ¶
CheckPassword() returns whether the supplied username/password combo checks out. Will return ErrNotAUser or ErrBadPassword as appropriate.
func CheckPasswordAndIssueKey ¶
CheckPasswordAndIssueKey() checks whether the username/password combo checks out. If so, it will generate (and return) a new key associated with that username. Returns an empty string and appropriate error if the username/password combo is bad.
func Configure ¶
Configure(cfg_path string) reads the configuration file at cfg_path, sets options appropriately, and initializes everything that needs to be initialized. It also calls LoadUsers() and LoadKeys() to load all data.
Configure() IS NOT thread-safe. It should just be called once at the beginning of your program, before any authorization needs to take place. If you need to reconfigure this module mid-program, you can either try introducing a careful locking dance, or ensuring all your auth-requiring threads are stopped. I don't know which will be more painful.
func CullOldKeys ¶
func CullOldKeys()
CullOldKeys() grovels through issued keys and removes expired ones. If it removes anything, it sets key data to "dirty".
func DeleteUser ¶
DeleteUser() removes the user with the supplied user name. Will return ErrNotAUser if there is no user with the supplied user name. Sets the user data to "dirty" on success.
func FlushKeys ¶
func FlushKeys() error
FlushKeys() writes session key data to the file specified in the KEY_FILE configuration option. Ignores expired keys (they will not be written). On success it will flag the key data as "clean", and KeysDirty() will return false until a new key is issued or old keys are culled.
func FlushUsers ¶
func FlushUsers() error
FlushUsers() writes all user data (usernames and password hashes) to the file specified with the USER_FILE configuration option. On success it will flag the user data as "clean", and UsersDirty() (above) will return false until a change is made.
func KeysDirty ¶
func KeysDirty() bool
KeysDirty() returns true if changes have been made to the key data (session keys have been added or culled) since the last time the key data was read from or flushed to disk.
func LoadKeys ¶
func LoadKeys() error
LoadKeys() attempts to load data about temporary session keys from the file specified with the KEY_FILE configuration option. It will ignore expired keys. On success it will flag the key data as "clean", and KeysDirty() will return false until a new key is issued or old keys are culled.
func LoadUsers ¶
func LoadUsers() error
LoadUsers() attempts to load username/password hash data from the file specified in the USER_FILE configuation option. If current user data has changed (by adding or deleting users, say) since the last time FlushUsers() (below) was called, those changes will be lost.
When successful, LoadUsers() will flag the user data as "clean", and UsersDirty() (above) will return false until a change is made.
func UsersDirty ¶
func UsersDirty() bool
UsersDirty() returns true if changes have been made to the user data (users have been added or deleted) since the last time the user data was read from or flushed to disk.
Types ¶
This section is empty.
Source Files