Handbook
Home Source Code

avyos.dev/pkg/identity

package identity

Overview

No package-level documentation is provided.

Export GroupCount
Constants0
Variables1
Functions6
Types6

Variables

ErrUserNotFound, ErrGroupNotFound, ErrAuthNotFound, ErrInvalidCredentials, ErrAccountLocked, ErrInvalidIdentityKind, ErrNoAvailableID

var (
	ErrUserNotFound        = errors.New("user not found")
	ErrGroupNotFound       = errors.New("group not found")
	ErrAuthNotFound        = errors.New("auth entry not found")
	ErrInvalidCredentials  = errors.New("invalid credentials")
	ErrAccountLocked       = errors.New("account is locked")
	ErrInvalidIdentityKind = errors.New("invalid identity kind")
	ErrNoAvailableID       = errors.New("no available id in range")
)

Common errors

Functions

AddIdentity

func AddIdentity(id Identity, kind string) error

AddIdentity register new identity into system config

GetAuthType

func GetAuthType(username string) (string, error)

GetAuthType returns the authentication type for a user

GetNextAvailableId

func GetNextAvailableId(kind string) (uint, error)

HashPassword

func HashPassword(password string) string

HashPassword creates a hash for a password

IsAccountLocked

func IsAccountLocked(username string) bool

IsAccountLocked checks if a user account is locked

UpdatePassword

func UpdatePassword(identity, oldpassword, newpassword string) error

UpdatePassword update the password

Types

Auth

type Auth struct {
	ID   uint   `json:"id"`
	Name string `json:"name"`
	Type string `json:"type"` // "password", "none", "locked"
	Hash string `json:"hash,omitempty"`
}

Auth represents authentication info from auth.conf

AuthConfig

type AuthConfig struct {
	Entries []Auth `json:"entries"`
}

AuthConfig holds all authentication entries

Capability

type Capability struct {
	ID   uint   `json:"id"`
	Name string `json:"name"`
}

Capability represents a Unix group mapping from capabilities.conf

Functions

ListCapabilities

func ListCapabilities() ([]*Capability, error)

ListCapabilities returns all capabilities in the system

LookupCapabilityByID

func LookupCapabilityByID(gid uint) (*Capability, error)

LookupCapabilityByID finds a capability by its numeric ID

LookupCapabilityByName

func LookupCapabilityByName(name string) (*Capability, error)

LookupCapabilityByName finds a capability by its name

CapabilityConfig

type CapabilityConfig struct {
	Capabilities []Capability `json:"capabilities"`
}

CapabilityConfig holds all capabilities (group mappings)

Identity

type Identity struct {
	ID           uint     `json:"id"`
	Name         string   `json:"name"`
	Capabilities []string `json:"capabilities"`
	Home         string   `json:"home,omitempty"`
	Shell        string   `json:"shell,omitempty"`
}

Identity represents a user account from identity.conf

Functions

Authenticate

func Authenticate(username, password string) (*Identity, error)

Authenticate verifies credentials and returns the identity

AuthenticateByID

func AuthenticateByID(uid uint, password string) (*Identity, error)

AuthenticateByID verifies credentials using user ID

GetCapabilityMembers

func GetCapabilityMembers(capName string) ([]*Identity, error)

GetCapabilityMembers returns all identities who have a capability

ListIdentities

func ListIdentities() ([]*Identity, error)

ListIdentities returns all identities in the system

LookupByID

func LookupByID(uid uint) (*Identity, error)

LookupByID finds an identity by their numeric ID

LookupByName

func LookupByName(name string) (*Identity, error)

LookupByName finds an identity by their username

Methods

GetGroupIDs

func (i *Identity) GetGroupIDs() []uint

GetGroupIDs returns all group IDs for the identity

GetGroups

func (i *Identity) GetGroups() ([]*Capability, error)

GetGroups returns all Unix groups for this identity

HasCapability

func (i *Identity) HasCapability(cap string) bool

HasCapability checks if an identity has a specific capability

InGroup

func (i *Identity) InGroup(groupName string) bool

InGroup checks if an identity is in a specific Unix group (via unix: capability)

IdentityConfig

type IdentityConfig struct {
	Identities []Identity `json:"identities"`
}

IdentityConfig holds all identities

Functions

LoadIdentityConfig

func LoadIdentityConfig() (*IdentityConfig, error)

LoadIdentityConfig reads and parses the identity config file