anthropoi

package module
v0.4.0
This package is not in the latest version of its module.
Published: Oct 20, 2019 License: MIT Imports: 11 Imported by: 0

README

Anthropoi

A simple accounts package and management tool.

What is it

This package sets up and manages user accounts with multi-site support and per-site groups.

Requirements

This package was made for use with PostgreSQL. CockroachDB probably won't work because of triggers.

Installing

Run this command to get the package:

go get -u github.com/Urethramancer/anthropoi

And run this to compile and install the management command:

go get -u github.com/Urethramancer/anthropoi/cmd/anthro

Using the package

(See built-in documentation for parameter information.)

  • New() creates a DBM structure to use for all further calls.
  • ConnectionString() rebuilds and returns a string based on the internally stored parameters.
  • Connect() opens the connection to the specified host, or localhost.
  • DatabaseExists() checks if there is a database of the specified name.
  • Create() creates a new account database with the specified name.
  • InitDatabase() sets up a new database with tables and triggers.

New() will use reasonable defaults for its connection string:

  • host: localhost
  • port: 5432
  • user: postgres
  • password: unused if blank
  • name: unused if blank
  • mode: enable if set to "enable", disable otherwise

Using the CLI tool

The command line tool, anthro, can be used to manage users, profiles, groups and permissions, saving you from having to write your own manager.

init

Running anthro init will set up the initial database. If you want to drop the current database, supply the -D flag. For more advanced features, such as dumping a backup of the database, use the pgsql command from the relevant PostgreSQL package.

user

The user command has subcommands for user account management. A user account has just the bare minimum details about a user, such as a display username, primary e-mail, login password, name and special data for some sites. There are two JSON fields, data and tokens, available to use for whatever you need. Methods to make use of them aren't currently implemented, but using PostgreSQL's JSON lookup is fairly straightforward.

user add

The user add subcommand takes a username at minimum. A password and salt will be generated and stored, and the password will be displayed in the terminal. Write it down or lose it!

Optional arguments are e-mail, first and last name, and a cost, which is the complexity to use when hashing the password. The current minimum cost is 10, which is adequate for testing. 11+ is recommended for production use, especially on very fast server hardware. The hashing time roughly doubles for each increase of 1.

user remove

The user remove (or user rm) subcommand removes a user by ID or name.

user edit

Line by line editing of user fields, except password.

user list

This lists all users. More flags to filter on will be added in the near future.

profile

The profile command has subcommands for per-site profiles. Profiles are useful when you want one system to handle many domains with different profiles, containing different access rights, but which should share common logins. This is useful for blogging systems where different subdomains are used for different subjects, or to create a domain admin system for e-mail, for example.

profile add

The profile add subcommand adds a profile to a user. Permissions and groups are handled separately.

profile remove

Removes a profile, effectively removing access to a domain for a user.

profile setgroups

This manages groups for a profile, i.e. per-site permissions. Access rights are handled via groups, while profiles can contain collections of groups.

profile copy

This allows you to copy the non-personal parts of a profile from one user to another to quickly set permissions.

profile list

Lists profiles in the database, with optional filtering by site and by user.

Documentation

Index

Constants

const (
	DefaultName = "accounts"
)

Variables

This section is empty.

Functions

func Base6424 added in v0.4.0

func Base6424(src string) string

Base6424 used by some password hashing algorithms.

func GenString

func GenString(size int) string

GenString generates a random string, usable for passwords.

func GenerateDovecotPassword added in v0.4.0

func GenerateDovecotPassword(password, salt string, rounds int) string

GenerateDovecotPassword creates a Dovecot-compatible password with the SHA512-CRYPT algorithm prefix.
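Added example (not part of the package or its documentation): a structural check for stored Dovecot SHA512-CRYPT strings, useful for auditing the rounds value and catching truncated or malformed hashes before they reach the mail server. It assumes the function's output follows the standard crypt layout {SHA512-CRYPT}$6$[rounds=N$]salt$digest; ParseDovecotSHA512 and DovecotHash are hypothetical names, and the sample input is constructed.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// DovecotHash holds the fields of "{SHA512-CRYPT}$6$[rounds=N$]salt$digest".
type DovecotHash struct {
	Rounds       int // 5000, the SHA-crypt default, when rounds= is absent
	Salt, Digest string
}

const prefix = "{SHA512-CRYPT}$6$"
const cryptAlphabet = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

// ParseDovecotSHA512 checks a stored hash's structure; it verifies no password.
func ParseDovecotSHA512(s string) (*DovecotHash, error) {
	if !strings.HasPrefix(s, prefix) {
		return nil, fmt.Errorf("missing %s prefix", prefix)
	}
	parts := strings.Split(s[len(prefix):], "$")
	h := &DovecotHash{Rounds: 5000}
	if len(parts) == 3 && strings.HasPrefix(parts[0], "rounds=") {
		n, err := strconv.Atoi(strings.TrimPrefix(parts[0], "rounds="))
		// SHA-crypt clamps rounds to 1000..999999999; anything else is malformed.
		if err != nil || n < 1000 || n > 999999999 {
			return nil, fmt.Errorf("rounds missing or out of range")
		}
		h.Rounds, parts = n, parts[1:]
	}
	if len(parts) != 2 {
		return nil, fmt.Errorf("expected salt$digest, got %d fields", len(parts))
	}
	h.Salt, h.Digest = parts[0], parts[1]
	if len(h.Salt) == 0 || len(h.Salt) > 16 {
		return nil, fmt.Errorf("salt must be 1 to 16 characters")
	}
	// SHA-512 yields 64 bytes, which crypt's base64 renders as 86 characters.
	if len(h.Digest) != 86 || strings.Trim(h.Digest, cryptAlphabet) != "" {
		return nil, fmt.Errorf("digest is not 86 crypt-base64 characters")
	}
	return h, nil
}

func main() {
	s := prefix + "rounds=50000$examplesalt$" + strings.Repeat("A", 86) // constructed sample
	fmt.Println(ParseDovecotSHA512(s))
}
```

A caller can compare the returned Rounds against its own minimum to flag accounts whose hashes should be regenerated at the next login.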

Types

type DBM

type DBM struct {
	*sql.DB
	// contains filtered or unexported fields
}

DBM is a DB manager for user accounts and groups.

func New

func New(host, port, user, password, mode string) *DBM

New DBM setup.

func (*DBM) AddUser

func (db *DBM) AddUser(username, password, email, first, last, data, tokens string, cost int) (*User, error)

AddUser creates a new User. This may fail.

func (*DBM) Connect

func (db *DBM) Connect(name string) error

OpenDB and set the pointer in the DBM struct.

func (*DBM) ConnectionString

func (db *DBM) ConnectionString() string

func (*DBM) Create

func (db *DBM) Create(name string) error

Create the database and retain the name.

func (*DBM) DatabaseExists

func (db *DBM) DatabaseExists(name string) bool

DatabaseExists checks for the existence of the actual database.

func (*DBM) DeleteUser

func (db *DBM) DeleteUser(id int64) error

DeleteUser by ID.

func (*DBM) DeleteUserByName

func (db *DBM) DeleteUserByName(name string) error

DeleteUserByName for when that's needed.

func (*DBM) Drop

func (db *DBM) Drop(name string) error

Drop a named database.

func (*DBM) GetSitesForUser added in v0.4.0

func (db *DBM) GetSitesForUser(u *User) error

GetSitesForUser fills the Sites field in the User struct.

func (*DBM) GetUser

func (db *DBM) GetUser(id int64) (*User, error)

GetUser returns a User based on an ID.

func (*DBM) GetUserByName

func (db *DBM) GetUserByName(name string) (*User, error)

GetUserByName for when you don't have an ID.

func (*DBM) GetUsers added in v0.2.0

func (db *DBM) GetUsers(limit int64) ([]*User, error)

GetUsers retrieves all users, up to a limit, sorted by ID.

func (*DBM) InitDatabase

func (db *DBM) InitDatabase() error

InitDatabase creates the tables, functions and triggers required for the full account system.

func (*DBM) SaveUser

func (db *DBM) SaveUser(u *User) error

SaveUser saves an existing user by ID.

type Group

type Group struct {
	ID   int64
	Name string
}

Group for a site.

type Site added in v0.4.0

type Site struct {
	ID     int64
	Name   string
	Groups map[string]Group
}

Site or domain.

type User

type User struct {

	// ID of user in the database.
	ID int64
	// Username to log in with.
	Usermame string
	// Password for user account.
	Password string
	// Salt for the password.
	Salt string
	// Email to verify account or reset password.
	Email string
	// Created timestamp.
	Created time.Time
	// Locked accounts can't log in.
	Locked bool

	// Sites the user is a member of.
	Sites []string

	// First name of user (optional).
	First string
	// Last name of user (optional).
	Last string
	// Data for the account. JSON field for all the customising you need.
	Data string
	// Tokens is meant to store any authentication tokens required for external sites.
	Tokens string
}

User account structure holds basic login and personal information.

func (*User) CheckPassword

func (u *User) CheckPassword(password string) bool

CheckPassword against the account's hash.

func (*User) CompareDovecotHashAndPassword added in v0.4.0

func (u *User) CompareDovecotHashAndPassword(password string) bool

func (*User) SetDovecotPassword added in v0.4.0

func (u *User) SetDovecotPassword(password string, rounds int)

SetDovecotPassword sets a Dovecot-compatible password for the user.

func (*User) SetPassword

func (u *User) SetPassword(password string, cost int) error

SetPassword generates a new salt and sets the password.

Directories

Path Synopsis
cmd
