Documentation ¶
Index ¶
- Constants
- Variables
- func CheckPassword(password string, hash string) (bool, error)
- func HashPassword(password string, salt *string) string
- func RandomString(n int) string
- type DatabaseModel
- type FileUserProvider
- type LDAPUserProvider
- type Level
- type PasswordHash
- type UserDetails
- type UserDetailsModel
- type UserProvider
Constants ¶
const ( // TOTP Method using Time-Based One-Time Password applications like Google Authenticator TOTP = "totp" // U2F Method using U2F devices like Yubikeys U2F = "u2f" // DuoPush Method using Duo application to receive push notifications. DuoPush = "duo_push" )
Variables ¶
var PossibleMethods = []string{TOTP, U2F, DuoPush}
PossibleMethods is the set of all possible 2FA methods.
Functions ¶
func CheckPassword ¶
CheckPassword check a password against a hash.
func HashPassword ¶
HashPassword generate a salt and hash the password with the salt and a constant number of rounds.
func RandomString ¶
RandomString generate a random string of n characters.
Types ¶
type DatabaseModel ¶
type DatabaseModel struct {
Users map[string]UserDetailsModel `yaml:"users" valid:"required"`
}
DatabaseModel is the model of users file database.
type FileUserProvider ¶
type FileUserProvider struct {
// contains filtered or unexported fields
}
FileUserProvider is a provider reading details from a file.
func NewFileUserProvider ¶
func NewFileUserProvider(filepath string) *FileUserProvider
NewFileUserProvider creates a new instance of FileUserProvider.
func (*FileUserProvider) CheckUserPassword ¶
func (p *FileUserProvider) CheckUserPassword(username string, password string) (bool, error)
CheckUserPassword checks if provided password matches for the given user.
func (*FileUserProvider) GetDetails ¶
func (p *FileUserProvider) GetDetails(username string) (*UserDetails, error)
GetDetails retrieve the groups a user belongs to.
func (*FileUserProvider) UpdatePassword ¶
func (p *FileUserProvider) UpdatePassword(username string, newPassword string) error
UpdatePassword update the password of the given user.
type LDAPUserProvider ¶
type LDAPUserProvider struct {
// contains filtered or unexported fields
}
LDAPUserProvider is a provider using a LDAP or AD as a user database.
func NewLDAPUserProvider ¶
func NewLDAPUserProvider(configuration schema.LDAPAuthenticationBackendConfiguration) *LDAPUserProvider
NewLDAPUserProvider creates a new instance of LDAPUserProvider.
func (*LDAPUserProvider) CheckUserPassword ¶
func (p *LDAPUserProvider) CheckUserPassword(username string, password string) (bool, error)
CheckUserPassword checks if provided password matches for the given user.
func (*LDAPUserProvider) GetDetails ¶
func (p *LDAPUserProvider) GetDetails(username string) (*UserDetails, error)
GetDetails retrieve the groups a user belongs to.
func (*LDAPUserProvider) UpdatePassword ¶
func (p *LDAPUserProvider) UpdatePassword(username string, newPassword string) error
UpdatePassword update the password of the given user.
type PasswordHash ¶
type PasswordHash struct { // The number of rounds. Rounds int // The salt with a max size of 16 characters for SHA512. Salt string // The password hash. Hash string }
PasswordHash represents all characteristics of a password hash. Authelia only supports salted SHA512 method, i.e., $6$ mode.
type UserDetails ¶
UserDetails represent the details retrieved for a given user.
type UserDetailsModel ¶
type UserDetailsModel struct { HashedPassword string `yaml:"password" valid:"required"` Email string `yaml:"email"` Groups []string `yaml:"groups"` }
UserDetailsModel is the model of user details in the file database.
type UserProvider ¶
type UserProvider interface { CheckUserPassword(username string, password string) (bool, error) GetDetails(username string) (*UserDetails, error) UpdatePassword(username string, newPassword string) error }
UserProvider is the interface for checking user password and gathering user details.