avyos.dev/pkg/identity

package identity

Package Overview

No package-level documentation is provided.

Export Group: Count
Constants: 0
Variables: 1
Functions: 6
Types: 6

Variables

// Sentinel errors exported by the package. Each value is created with
// errors.New, so callers should match them with errors.Is rather than by
// comparing message text.
//
// NOTE(review): this listing does not show which of these Authenticate and
// AuthenticateByID return. If ErrUserNotFound, ErrAuthNotFound or
// ErrAccountLocked reach an unauthenticated caller unchanged, the response
// reveals whether an account exists; confirm that login front ends collapse
// them into one generic failure and keep the specific error for audit logs.
var (
	ErrUserNotFound        = errors.New("user not found")
	ErrGroupNotFound       = errors.New("group not found")
	ErrAuthNotFound        = errors.New("auth entry not found")
	ErrInvalidCredentials  = errors.New("invalid credentials")
	ErrAccountLocked       = errors.New("account is locked")
	ErrInvalidIdentityKind = errors.New("invalid identity kind")
	ErrNoAvailableID       = errors.New("no available id in range")
)

Common errors

Functions

func AddIdentity(id Identity, kind string) error

AddIdentity registers a new identity in the system config.

func GetAuthType(username string) (string, error)

GetAuthType returns the authentication type for a user

func GetNextAvailableId(kind string) (uint, error)
func HashPassword(password string) string

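HashPassword creates a hash for a password. The signature takes no salt or cost parameter and returns no error, and this page does not name the algorithm; confirm in the source that it is a salted, deliberately slow password hash before relying on it for credential storage.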

func IsAccountLocked(username string) bool

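IsAccountLocked checks if a user account is locked. Because it returns only a bool, it cannot report a lookup failure; confirm in the source how an unknown user or an unreadable config is treated.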

func UpdatePassword(identity, oldpassword, newpassword string) error

UpdatePassword updates the password of an identity.

Types

Auth

// Auth is one authentication entry: a numeric ID, a name, an authentication
// type and an optional hash, all mapped to JSON keys by the struct tags.
//
// Hash carries the tag `json:"hash,omitempty"`, so marshalling an Auth value
// writes the stored hash whenever it is non-empty. Keep Auth values out of
// API responses and log output.
//
// NOTE(review): the Type value "none" presumably allows authentication
// without a password, and "locked" presumably refuses it; confirm both in the
// authentication code and audit entries of type "none".
// NOTE(review): nothing here shows the permissions of the file these entries
// are read from; confirm it is not readable by unprivileged users.
type Auth struct {
	ID   uint   `json:"id"`
	Name string `json:"name"`
	Type string `json:"type"` // "password", "none", "locked"
	Hash string `json:"hash,omitempty"`
}

Auth represents authentication info from auth.conf

AuthConfig

// AuthConfig is the JSON document shape for authentication data: a single
// "entries" array of Auth values. Because each Auth may carry a hash, a
// marshalled AuthConfig should be treated as sensitive.
type AuthConfig struct {
	Entries []Auth `json:"entries"`
}

AuthConfig holds all authentication entries

Capability

// Capability pairs a numeric ID with a name, serialised under the JSON keys
// "id" and "name".
//
// NOTE(review): ID presumably doubles as a Unix group ID; confirm against the
// code that applies it.
type Capability struct {
	ID   uint   `json:"id"`
	Name string `json:"name"`
}

Capability represents a Unix group mapping from capabilities.conf

Functions

func ListCapabilities() ([]*Capability, error)

ListCapabilities returns all capabilities in the system

func LookupCapabilityByID(gid uint) (*Capability, error)

LookupCapabilityByID finds a capability by its numeric ID

func LookupCapabilityByName(name string) (*Capability, error)

LookupCapabilityByName finds a capability by its name

CapabilityConfig

// CapabilityConfig is the JSON document shape for capability data: a single
// "capabilities" array of Capability values.
type CapabilityConfig struct {
	Capabilities []Capability `json:"capabilities"`
}

CapabilityConfig holds all capabilities (group mappings)

Identity

// Identity describes one account: numeric ID, name, a list of capability
// names, and optional home and shell values. Home and Shell are omitted from
// the JSON encoding when empty; Capabilities is always written.
//
// NOTE(review): Capabilities holds plain strings taken from configuration.
// Whether unknown or malformed names are rejected when the config is loaded
// is not visible here; confirm it, since authorisation decisions presumably
// rest on these values.
// NOTE(review): Home and Shell are free-form strings at this level; confirm
// they are validated before being used to start a session.
type Identity struct {
	ID           uint     `json:"id"`
	Name         string   `json:"name"`
	Capabilities []string `json:"capabilities"`
	Home         string   `json:"home,omitempty"`
	Shell        string   `json:"shell,omitempty"`
}

Identity represents a user account from identity.conf

Functions

func Authenticate(username, password string) (*Identity, error)

Authenticate verifies credentials and returns the identity

func AuthenticateByID(uid uint, password string) (*Identity, error)

AuthenticateByID verifies credentials using user ID

func GetCapabilityMembers(capName string) ([]*Identity, error)

GetCapabilityMembers returns all identities who have a capability

func ListIdentities() ([]*Identity, error)

ListIdentities returns all identities in the system

func LookupByID(uid uint) (*Identity, error)

LookupByID finds an identity by their numeric ID

func LookupByName(name string) (*Identity, error)

LookupByName finds an identity by their username

Methods

func (i *Identity) GetGroupIDs() []uint

GetGroupIDs returns all group IDs for the identity

func (i *Identity) GetGroups() ([]*Capability, error)

GetGroups returns all Unix groups for this identity

func (i *Identity) HasCapability(cap string) bool

HasCapability checks if an identity has a specific capability

func (i *Identity) InGroup(groupName string) bool

InGroup checks if an identity is in a specific Unix group (via unix: capability)

IdentityConfig

// IdentityConfig is the JSON document shape for account data: a single
// "identities" array of Identity values.
type IdentityConfig struct {
	Identities []Identity `json:"identities"`
}

IdentityConfig holds all identities

Functions

func LoadIdentityConfig() (*IdentityConfig, error)

LoadIdentityConfig reads and parses the identity config file