auth

package

v8.23.4 Latest Latest Go to latest Published: Apr 27, 2024 License: MIT Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rqlite/rqlite

Links

Open Source Insights

Documentation ¶

Overview ¶

Package auth is a lightweight credential store. It provides functionality for loading credentials, as well as validating credentials.

Index ¶

Constants
type BasicAuther
type Credential
type CredentialsStore
- func NewCredentialsStore() *CredentialsStore
- func NewCredentialsStoreFromFile(path string) (*CredentialsStore, error)

Constants ¶

View Source

const (
	// AllUsers is the username that indicates all users, even anonymous users (requests without
	// any BasicAuth information).
	AllUsers = "*"

	// PermAll means all actions permitted.
	PermAll = "all"
	// PermJoin means user is permitted to join cluster.
	PermJoin = "join"
	// PermJoinReadOnly means user is permitted to join the cluster only as a read-only node
	PermJoinReadOnly = "join-read-only"
	// PermRemove means user is permitted to remove a node.
	PermRemove = "remove"
	// PermExecute means user can access execute endpoint.
	PermExecute = "execute"
	// PermQuery means user can access query endpoint
	PermQuery = "query"
	// PermStatus means user can retrieve node status.
	PermStatus = "status"
	// PermReady means user can retrieve ready status.
	PermReady = "ready"
	// PermBackup means user can backup node.
	PermBackup = "backup"
	// PermLoad means user can load a SQLite dump into a node.
	PermLoad = "load"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type BasicAuther ¶

type BasicAuther interface {
	BasicAuth() (string, string, bool)
}

BasicAuther is the interface an object must support to return basic auth information.

type Credential ¶

type Credential struct {
	Username string   `json:"username,omitempty"`
	Password string   `json:"password,omitempty"`
	Perms    []string `json:"perms,omitempty"`
}

Credential represents authentication and authorization configuration for a single user.

type CredentialsStore ¶

type CredentialsStore struct {
	// contains filtered or unexported fields
}

CredentialsStore stores authentication and authorization information for all users.

func NewCredentialsStore ¶

func NewCredentialsStore() *CredentialsStore

NewCredentialsStore returns a new instance of a CredentialStore.

func NewCredentialsStoreFromFile ¶

func NewCredentialsStoreFromFile(path string) (*CredentialsStore, error)

NewCredentialsStoreFromFile returns a new instance of a CredentialStore loaded from a file.

func (*CredentialsStore) AA ¶

func (c *CredentialsStore) AA(username, password, perm string) bool

AA authenticates and checks authorization for the given username and password for the given perm. If the credential store is nil, then this function always returns true. If AllUsers have the given perm, authentication is not done. Only then are the credentials checked, and then the perm checked.

func (*CredentialsStore) Check ¶

func (c *CredentialsStore) Check(username, password string) bool

Check returns true if the password is correct for the given username.

func (*CredentialsStore) CheckRequest ¶

func (c *CredentialsStore) CheckRequest(b BasicAuther) bool

CheckRequest returns true if b contains a valid username and password.

func (*CredentialsStore) HasAnyPerm ¶

func (c *CredentialsStore) HasAnyPerm(username string, perm ...string) bool

HasAnyPerm returns true if username has at least one of the given perms, either directly, or via AllUsers. It does not perform any password checking.

func (*CredentialsStore) HasPerm ¶

func (c *CredentialsStore) HasPerm(username string, perm string) bool

HasPerm returns true if username has the given perm, either directly or via AllUsers. It does not perform any password checking.

func (*CredentialsStore) HasPermRequest ¶

func (c *CredentialsStore) HasPermRequest(b BasicAuther, perm string) bool

HasPermRequest returns true if the username returned by b has the given perm. It does not perform any password checking, but if there is no username in the request, it returns false.

func (*CredentialsStore) Load ¶

func (c *CredentialsStore) Load(r io.Reader) error

Load loads credential information from a reader.

func (*CredentialsStore) Password ¶

func (c *CredentialsStore) Password(username string) (string, bool)

Password returns the password for the given user.

Source Files ¶

View all Source files

credential_store.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL