Documentation ¶
Overview ¶
Copyright © 2019, 2022 M.Watermann, 10247 Berlin, Germany All rights reserved EMail : <support@mwat.de>
Package passlist provides a `BasicAuth` middleware plugin for Go web-servers.
Copyright © 2019, 2023 M.Watermann, 10247 Berlin, Germany All rights reserved EMail : <support@mwat.de>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
You should have received a copy of the GNU General Public License along with this program. If not, see the [GNU General Public License](http://www.gnu.org/licenses/gpl.html) for details.
Copyright © 2019, 2022 M.Watermann, 10247 Berlin, Germany All rights reserved EMail : <support@mwat.de>
Index ¶
- Variables
- func AddUser(aUser, aFilename string)
- func CheckUser(aUser, aFilename string)
- func DeleteUser(aUser, aFilename string)
- func Deny(aRealm string, aWriter http.ResponseWriter)
- func ListUsers(aFilename string)
- func Pepper() string
- func SetPepper(aPepper string)
- func UpdateUser(aUser, aFilename string)
- func Wrap(aHandler http.Handler, aRealm, aPasswdFile string, aAuthDecider TAuthDecider) http.Handler
- type TAuthDecider
- type TAuthNeeder
- type TAuthSkipper
- type TPassList
- func (ul *TPassList) Add(aUser, aPassword string) error
- func (ul *TPassList) Clear() *TPassList
- func (ul *TPassList) Exists(aUser string) (rOK bool)
- func (ul *TPassList) Find(aUser string) (rHash string, rOK bool)
- func (ul *TPassList) IsAuthenticated(aRequest *http.Request) error
- func (ul *TPassList) Len() int
- func (ul *TPassList) List() (rList []string)
- func (ul *TPassList) Load() error
- func (ul *TPassList) Matches(aUser, aPassword string) (rOK bool)
- func (ul *TPassList) Remove(aUser string) *TPassList
- func (ul *TPassList) Store() (int, error)
- func (ul *TPassList) String() string
Constants ¶
This section is empty.
Variables ¶
var ( // Verbose determines whether or not to print some output // when executing the commands. Verbose = true )
Functions ¶
func AddUser ¶ added in v1.2.0
func AddUser(aUser, aFilename string)
AddUser reads a password for `aUser` from the commandline and adds it to `aFilename`.
NOTE: This function does not return but terminates the program with error code `0` (zero) if successful, or `1` (one) otherwise.
`aUser` the username to add to the password file. `aFilename` name of the password file to use.
func CheckUser ¶ added in v1.2.0
func CheckUser(aUser, aFilename string)
CheckUser reads a password for `aUser` from the commandline and compares it with the one stored in `aFilename`.
NOTE: This function does not return but terminates the program with error code `0` (zero) if successful, or `1` (one) otherwise.
`aUser` the username to check in the password file. `aFilename` name of the password file to use.
func DeleteUser ¶ added in v1.2.0
func DeleteUser(aUser, aFilename string)
DeleteUser removes the entry for `aUser` from the password list `aFilename`.
NOTE: This function does not return but terminates the program with error code `0` (zero) if successful, or `1` (one) otherwise.
`aUser` the username to remove from the password file. `aFilename` name of the password file to use.
func Deny ¶
func Deny(aRealm string, aWriter http.ResponseWriter)
Deny sends an "Unauthorised" notice to the remote host.
`aRealm` The symbolic name of the host/domain to protect. `aWriter` Used by an HTTP handler to construct an HTTP response.
func ListUsers ¶ added in v1.2.0
func ListUsers(aFilename string)
ListUsers reads `aFilename` and lists all users stored in there.
NOTE: This function does not return but terminates the program with error code `0` (zero) if successful, or `1` (one) otherwise.
`aFilename` name of the password file to use.
func Pepper ¶ added in v1.1.0
func Pepper() string
Pepper returns the value used for peppering passwords.
func SetPepper ¶ added in v1.1.0
func SetPepper(aPepper string)
SetPepper changes the value used for peppering passwords.
If the given `aPepper` value is an empty string it is ignored and the current pepper value remains unchanged.
`aPepper` The new pepper value to use.
func UpdateUser ¶ added in v1.2.0
func UpdateUser(aUser, aFilename string)
UpdateUser reads a password for `aUser` from the commandline and updates the entry in the password list `aFilename`.
NOTE: This function does not return but terminates the program with error code `0` (zero) if successful, or `1` (one) otherwise.
`aUser` the username to remove from the password file. `aFilename` name of the password file to use.
func Wrap ¶
func Wrap(aHandler http.Handler, aRealm, aPasswdFile string, aAuthDecider TAuthDecider) http.Handler
Wrap returns a handler function that includes authentication, wrapping the given `aHandler` and calling it internally.
`aHandler` responds to the actual HTTP request; this is
the handler to be called after successful authentication.
`aRealm` The symbolic name of the domain/host to protect. `aPasswdFile` The name of the password file to use. `aAuthDecider`
Types ¶
type TAuthDecider ¶
type TAuthDecider interface { // NeedAuthentication returns `true` if authentication // is required, or `false` otherwise. // // `aRequest` holds the URL to check. NeedAuthentication(aRequest *http.Request) bool }
TAuthDecider is an interface deciding whether a given URL needs authentication or not.
type TAuthNeeder ¶
type TAuthNeeder int
TAuthNeeder provides a `TAuthDecider` implementation always returning `true`.
func (TAuthNeeder) NeedAuthentication ¶
func (ad TAuthNeeder) NeedAuthentication(aRequest *http.Request) bool
NeedAuthentication returns `true` thus requiring authentication for any URL.
type TAuthSkipper ¶
type TAuthSkipper int
TAuthSkipper provides a `TAuthDecider` implementation always returning `false`.
func (TAuthSkipper) NeedAuthentication ¶
func (ad TAuthSkipper) NeedAuthentication(aRequest *http.Request) bool
NeedAuthentication returns `false` thus skipping any authentication.
type TPassList ¶
type TPassList tPassList
TPassList holds the list of username/password values.
func LoadPasswords ¶
LoadPasswords reads the given `aFilename` returning a `TUserList` instance filled with data read from the password file and a possible error condition.
This function reads one line at a time of the password file skipping both empty lines and comments (identified by `#` or `;` at line start).
`aFilename` The name of the password file to read.
func NewList ¶
NewList returns a new `TUserList` instance.
`aFilename` The name of the password file to use for
`Load()` and `Store()`
func (*TPassList) Add ¶
Add inserts `aUser` with `aPassword` into the list.
Before storing `aPassword` it gets peppered and hashed.
`aUser` The new user's name to use. `aPassword` The user's password to store.
func (*TPassList) Exists ¶
Exists returns `true` if `aUser` exists in the list, or `false` if not found.
`aUser` The username to lookup.
func (*TPassList) Find ¶
Find returns the hashed password of `aUser` and `true`, or an empty string and `false` if not found.
`aUser` The username to lookup.
func (*TPassList) IsAuthenticated ¶
IsAuthenticated checks `aRequest` for authentication data, returning `nil` for successful authentication, or an `error` otherwise.
On success the username/password are stored in the `aRequest.URL.User` structure to allow for other handlers checking its existence and act accordingly.
`aRequest` The HTTP request received by a server.
func (*TPassList) Load ¶
Load reads the password file named in `LoadPasswords()` or `NewList()` replacing any older list's contents with the file's.
func (*TPassList) Matches ¶
Matches checks whether `aPassword` of `aUser` matches the stored password.
`aUser` The username to lookup. `aPassword` The (unhashed) password to check.