caddyauth

package
v2.0.0-beta5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 10, 2019 License: Apache-2.0 Imports: 15 Imported by: 62

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Account

type Account struct {
	Username string `json:"username"`
	Password []byte `json:"password"`
	Salt     []byte `json:"salt,omitempty"` // for algorithms where external salt is needed
}

Account contains a username, password, and salt (if applicable).

type Authentication

type Authentication struct {
	ProvidersRaw map[string]json.RawMessage `json:"providers,omitempty"`

	Providers map[string]Authenticator `json:"-"`
}

Authentication is a middleware which provides user authentication.

func (Authentication) CaddyModule

func (Authentication) CaddyModule() caddy.ModuleInfo

CaddyModule returns the Caddy module information.

func (*Authentication) Provision

func (a *Authentication) Provision(ctx caddy.Context) error

Provision sets up a.

func (Authentication) ServeHTTP

type Authenticator

type Authenticator interface {
	Authenticate(http.ResponseWriter, *http.Request) (User, bool, error)
}

Authenticator is a type which can authenticate a request. If a request was not authenticated, it returns false. An error is only returned if authenticating the request fails for a technical reason (not for bad/missing credentials).

type BcryptHash

type BcryptHash struct{}

BcryptHash implements the bcrypt hash.

func (BcryptHash) CaddyModule

func (BcryptHash) CaddyModule() caddy.ModuleInfo

CaddyModule returns the Caddy module information.

func (BcryptHash) Compare

func (BcryptHash) Compare(hashed, plaintext, _ []byte) (bool, error)

Compare compares passwords.

type Comparer

type Comparer interface {
	// Compare returns true if the result of hashing
	// plaintextPassword with salt is hashedPassword,
	// false otherwise. An error is returned only if
	// there is a technical/configuration error.
	Compare(hashedPassword, plaintextPassword, salt []byte) (bool, error)
}

Comparer is a type that can securely compare a plaintext password with a hashed password in constant-time. Comparers should hash the plaintext password and then use constant-time comparison.

type HTTPBasicAuth

type HTTPBasicAuth struct {
	HashRaw     json.RawMessage `json:"hash,omitempty"`
	AccountList []Account       `json:"accounts,omitempty"`
	Realm       string          `json:"realm,omitempty"`

	Accounts map[string]Account `json:"-"`
	Hash     Comparer           `json:"-"`
}

HTTPBasicAuth facilitates HTTP basic authentication.

func (HTTPBasicAuth) Authenticate

func (hba HTTPBasicAuth) Authenticate(w http.ResponseWriter, req *http.Request) (User, bool, error)

Authenticate validates the user credentials in req and returns the user, if valid.

func (HTTPBasicAuth) CaddyModule

func (HTTPBasicAuth) CaddyModule() caddy.ModuleInfo

CaddyModule returns the Caddy module information.

func (*HTTPBasicAuth) Provision

func (hba *HTTPBasicAuth) Provision(ctx caddy.Context) error

Provision provisions the HTTP basic auth provider.

type ScryptHash

type ScryptHash struct {
	N         int `json:"N,omitempty"`
	R         int `json:"r,omitempty"`
	P         int `json:"p,omitempty"`
	KeyLength int `json:"key_length,omitempty"`
}

ScryptHash implements the scrypt KDF as a hash.

func (ScryptHash) CaddyModule

func (ScryptHash) CaddyModule() caddy.ModuleInfo

CaddyModule returns the Caddy module information.

func (ScryptHash) Compare

func (s ScryptHash) Compare(hashed, plaintext, salt []byte) (bool, error)

Compare compares passwords.

func (*ScryptHash) Provision

func (s *ScryptHash) Provision(_ caddy.Context) error

Provision sets up s.

func (*ScryptHash) SetDefaults

func (s *ScryptHash) SetDefaults()

SetDefaults sets safe default parameters, but does not overwrite existing values. Each default parameter is set independently; it does not check to ensure that r*p < 2^30. The defaults chosen are those as recommended in 2019 by https://godoc.org/golang.org/x/crypto/scrypt.

type User

type User struct {
	ID string
}

User represents an authenticated user.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL