README
¶
Authenticator
Manage and generate one-time passwords for multiple accounts.
Prerequisites
Go >= 1.22
Keyring
Support OS X, Linux/BSD (dbus) and Windows.
OS X
The OS X implementation depends on the /usr/bin/security binary for
interfacing with the OS X keychain. It should be available by default.
Linux and *BSD
The Linux and *BSD implementation depends on the [Secret Service][SecretService] dbus interface, which is provided by GNOME Keyring.
It's expected that the default collection login exists in the keyring, because
it's the default in most distros. If it doesn't exist, you can create it through the
keyring frontend program Seahorse:
- Open
seahorse - Go to File > New > Password Keyring
- Click Continue
- When asked for a name, use: login
Install
go get go.nhat.io/authenticator
Data Storage and Security
The accounts are grouped as namespace, the list of namespaces is stored in $HOME/.authenticator.toml. The content is in plain text and in toml format.
For example
namespace = ["namespace1", "namespace2"]
The namespace data, such as namespace name, and accounts are stored in the keyring in go.nhat.io/authenticator service and <namespace> key.
The totp secret of each account is stored in the keyring in go.nhat.io/authenticator service and <namespace>/<account> key.
Donation
If this project help you reduce time to develop, you can give me a cup of coffee :)
Paypal donation
or scan this
Documentation
¶
Overview ¶
Package authenticator provides functionalities to manage and generate one-time passwords.
Index ¶
- Variables
- func CreateNamespace(id, name string) error
- func DeleteAccount(namespace string, account string) error
- func DeleteNamespace(id string) error
- func EncodeTOTPQRCode(w io.Writer, account Account, format string, width, height int, ...) error
- func GenerateTOTP(ctx context.Context, namespace, account string, opts ...GenerateTOTPOption) (otp.OTP, error)
- func GenerateTOTPQRCode(path string, account Account, width, height int, ...) error
- func GetAllNamespaceIDs() ([]string, error)
- func SetAccount(namespace string, account Account) error
- func SetAccountStorage(s secretstorage.Storage[Account]) func()
- func SetNamespaceStorage(s secretstorage.Storage[Namespace]) func()
- func TOTPSecretFromEnv() otp.TOTPSecretProvider
- func UpdateNamespace(id string, n Namespace) error
- type Account
- type GenerateTOTPOption
- type Namespace
- type Option
- type TOTPSecretProvider
- type TOTPSecretProviderOption
Constants ¶
This section is empty.
Variables ¶
var ( // ErrNamespaceExists indicates that the namespace already exists. ErrNamespaceExists = errors.New("namespace already exists") // ErrNamespaceNotFound indicates that the namespace was not found. ErrNamespaceNotFound = errors.New("namespace not found") )
var ( // ErrUnknownFormat indicates that the format is unknown. ErrUnknownFormat = fmt.Errorf("unknown format") // ErrUnsupportedFormat indicates that the format is unsupported. ErrUnsupportedFormat = fmt.Errorf("unsupported format") )
var ErrAccountNotFound = errors.New("account not found")
ErrAccountNotFound indicates that the account was not found.
Functions ¶
func CreateNamespace ¶
CreateNamespace creates a new namespace.
func DeleteAccount ¶ added in v0.2.0
DeleteAccount deletes the account and removes it from the namespace.
func EncodeTOTPQRCode ¶ added in v0.2.0
func EncodeTOTPQRCode(w io.Writer, account Account, format string, width, height int, listOfHints ...map[gozxing.EncodeHintType]any) error
EncodeTOTPQRCode produces a TOTP QR code for the given account.
func GenerateTOTP ¶
func GenerateTOTP(ctx context.Context, namespace, account string, opts ...GenerateTOTPOption) (otp.OTP, error)
GenerateTOTP generates a TOTP code for the given account.
func GenerateTOTPQRCode ¶ added in v0.2.0
func GenerateTOTPQRCode(path string, account Account, width, height int, listOfHints ...map[gozxing.EncodeHintType]any) error
GenerateTOTPQRCode generates a TOTP QR code for the given account.
func GetAllNamespaceIDs ¶
GetAllNamespaceIDs returns all namespace ids.
func SetAccount ¶ added in v0.2.0
SetAccount persists the account.
func SetAccountStorage ¶ added in v0.2.0
func SetAccountStorage(s secretstorage.Storage[Account]) func()
SetAccountStorage sets the account storage.
func SetNamespaceStorage ¶
func SetNamespaceStorage(s secretstorage.Storage[Namespace]) func()
SetNamespaceStorage sets the namespace storage.
func TOTPSecretFromEnv ¶ added in v0.3.0
func TOTPSecretFromEnv() otp.TOTPSecretProvider
TOTPSecretFromEnv returns a TOTP secret from the environment.
func UpdateNamespace ¶
UpdateNamespace updates the namespace.
Types ¶
type Account ¶ added in v0.2.0
type Account struct {
Name string `json:"name" toml:"name" yaml:"name"`
TOTPSecret otp.TOTPSecret `json:"totp_secret" toml:"totp_secret" yaml:"totp_secret"`
Issuer string `json:"issuer" toml:"issuer" yaml:"issuer"`
Metadata map[string]any `json:"metadata" toml:"metadata" yaml:"metadata"`
}
Account represents an account.
func DecodeTOTPQRCode ¶ added in v0.2.0
DecodeTOTPQRCode decodes a TOTP QR code from the given file path.
func GetAccount ¶ added in v0.2.0
GetAccount returns the account.
func ParseTOTPQRCode ¶
ParseTOTPQRCode decodes a TOTP QR code from the given file path.
func (Account) MarshalText ¶ added in v0.2.0
MarshalText implements the encoding.TextMarshaler interface.
func (*Account) UnmarshalText ¶ added in v0.2.0
UnmarshalText implements the encoding.TextUnmarshaler interface.
type GenerateTOTPOption ¶
type GenerateTOTPOption interface {
// contains filtered or unexported methods
}
GenerateTOTPOption is an option to configure generateTOTPConfig.
func WithClock ¶
func WithClock(clock clock.Clock) GenerateTOTPOption
WithClock sets the clock to use.
func WithTOTPSecret ¶
func WithTOTPSecret(s otp.TOTPSecret) GenerateTOTPOption
WithTOTPSecret sets the secret to use.
func WithTOTPSecretGetter ¶
func WithTOTPSecretGetter(secretGetter otp.TOTPSecretGetter) GenerateTOTPOption
WithTOTPSecretGetter sets the secret getter to use.
type Namespace ¶
type Namespace struct {
Name string `json:"name" toml:"name" yaml:"name"`
Accounts []string `json:"accounts" toml:"accounts" yaml:"accounts"`
}
Namespace represents a namespace.
func GetNamespace ¶
GetNamespace returns the namespace.
func (Namespace) MarshalText ¶
MarshalText implements the encoding.TextMarshaler interface.
func (*Namespace) UnmarshalText ¶
UnmarshalText implements the encoding.TextUnmarshaler interface.
type Option ¶ added in v0.3.0
type Option interface {
GenerateTOTPOption
TOTPSecretProviderOption
}
Option is a configuration option for services provided by this package.
func WithLogger ¶ added in v0.2.0
WithLogger sets the logger to use.
type TOTPSecretProvider ¶ added in v0.5.0
type TOTPSecretProvider struct {
// contains filtered or unexported fields
}
TOTPSecretProvider manages the TOTP secret.
func TOTPSecretFromAccount ¶ added in v0.3.0
func TOTPSecretFromAccount(namespace, account string, opts ...TOTPSecretProviderOption) *TOTPSecretProvider
TOTPSecretFromAccount returns a TOTP secret getter for the given account.
func (*TOTPSecretProvider) DeleteTOTPSecret ¶ added in v0.5.0
func (s *TOTPSecretProvider) DeleteTOTPSecret(context.Context) error
DeleteTOTPSecret deletes the TOTP secret from the keyring.
func (*TOTPSecretProvider) SetTOTPSecret ¶ added in v0.5.0
func (s *TOTPSecretProvider) SetTOTPSecret(_ context.Context, secret otp.TOTPSecret, issuer string) error
SetTOTPSecret sets the TOTP secret to the keyring.
func (*TOTPSecretProvider) TOTPSecret ¶ added in v0.5.0
func (s *TOTPSecretProvider) TOTPSecret(ctx context.Context) otp.TOTPSecret
TOTPSecret returns the TOTP secret from the keyring.
type TOTPSecretProviderOption ¶ added in v0.5.0
type TOTPSecretProviderOption interface {
// contains filtered or unexported methods
}
TOTPSecretProviderOption is an option to configure TOTPSecretProvider.
Source Files