Documentation ¶
Overview ¶
Package userlist provides a static, configuration-based authentication system.
Each user has a set of ACLs that are applied to the generated token. ACL strings have to comply with the signer you choose; refer to the signer documentation for details.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Authenticator ¶
Authenticator is an authenticator with a basic fixed list of users and bcrypt-hashed passwords
func New ¶
func New(c *AuthenticatorConfig, log *logrus.Entry, site string) (a *Authenticator, err error)
New creates an instance of the authenticator
func (*Authenticator) Login ¶
func (a *Authenticator) Login(req *models.LoginRequest) (resp *models.LoginResponse)
Login logs someone in using a configured user list
type AuthenticatorConfig ¶
type AuthenticatorConfig struct {
	Users         []*User `json:"users"`
	UsersFile     string  `json:"users_file"`
	TokenValidity string  `json:"validity"`
	SigningKey    string  `json:"signing_key"`
	// when set will issue users as a chained signer using this token, the signing key must then be ed25519
	SigningToken string `json:"signing_token"`
}
AuthenticatorConfig configures the user/pass authenticator
type User ¶
type User struct {
	// Username in plain text
	Username string `json:"username"`
	// Password is a bcrypted password
	Password string `json:"password"`
	// Organization is an org name the user belongs to
	Organization string `json:"organization"`
	// ACLs are for the action list authorizer
	ACLs []string `json:"acls"`
	// OPAPolicy is a string holding an Open Policy Agent rego policy
	OPAPolicy string `json:"opa_policy"`
	// OPAPolicyFile is the path to a rego file to embed as the policy for this user
	OPAPolicyFile string `json:"opa_policy_file"`
	// Properties are free form additional information to add about a user, this can be
	// referenced later in a signer or other systems, mostly unused by core choria features atm
	Properties map[string]string `json:"properties"`
	// Permissions are additional abilities assigned to the user over and above basic Choria access
	// use these to allow Streams admin using JWT auth for example
	Permissions *tokens.ClientPermissions `json:"broker_permissions"`
	sync.Mutex
}
User is a choria user
func (*User) OpenPolicy ¶
OpenPolicy retrieves the OPA Policy either from `OPAPolicy` or by reading the file in `OPAPolicyFile`