Authentication and authorization server providing tokens for users. Pretty much KISS. Usable by all libipc services.
Go to file
2024-12-22 21:50:24 +01:00
apparmor.d apparmor: zoneinfo/ can be in /etc/ (alpine). 2024-12-22 21:50:24 +01:00
bin Change login policy: accept more characters and don't mind the order. 2024-07-01 20:39:32 +02:00
man authctl man-page: exit command. 2024-12-15 18:43:17 +01:00
mk Rename authc in authctl. 2024-12-11 11:34:45 +01:00
spec Very basic initial spec. 2019-06-29 03:56:06 +02:00
src Logs: clean user info, not just a file descriptor. 2024-12-17 00:51:13 +01:00
.gitignore Compress man-pages before install, remove useless makefile var. 2024-12-01 21:43:52 +01:00
API.md README update (and split). 2024-12-11 13:25:08 +01:00
configuration-example.yml Add the log_file configuration parameter to the config example. 2024-12-13 01:47:07 +01:00
db-password-file initial commit 2018-09-22 17:08:28 +00:00
DESIGN-CHOICES.md README update (and split). 2024-12-11 13:25:08 +01:00
makefile Rename authc in authctl. 2024-12-11 11:34:45 +01:00
project.zsh project.zsh: removes useless instructions. 2024-12-01 00:43:05 +01:00
README.md README: fix a link. 2024-12-11 13:29:45 +01:00
shard.yml Rename authc in authctl. 2024-12-11 11:34:45 +01:00
TODO.md README update (and split). 2024-12-11 13:25:08 +01:00

authd

authd is a (JWT) token-based authentication micro-service based on libipc. authd stores users (login, encrypted password), their profile (arbitrary data) and their permissions. For example, authd is used by dnsmanagerd to handle authentication and permissions.

No SQL, the entire database is stored in plain files, thanks to the DODB database library.

The netlibre service is the first to use authd in a real-life deployment.

Build

authd is written in Crystal. Youll need the following tools to build it: crystal, shards and make.

make
make install

Run

$ authd --help

For a more extensive documentation, please read the manual for both authd and authctl.

See the configuration example to avoid long command-line parameters.

Also, extensive usage examples are available in the makefiles.

Administration

# First user in the database is an administrator.
authctl bootstrap name email
# Add a user:
authctl user add login email

For a comprehensive list of available commands, please read the authctl manual.

Real-life deployment

For a real-life deployment, you might want to enable registration. In this case, you need to get a mailer application to send template emails. See an example of such application.

Backup and migration

# Database backup.
tar cfz db.tar.gz ./db-authd

# Database migration.
tar xfz db.tar.gz

Wasn't that hard, isn't it?

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

API and design choices

See API.md and DESIGN-CHOICES.md.