authd

authd is a (JWT) token-based authentication micro-service based on libipc. authd stores users (login, encrypted password), their profile (arbitrary data) and their permissions. For example, authd is used by dnsmanagerd to handle authentication and permissions.

No SQL, the entire database is stored in plain files, thanks to the DODB database library.

The netlibre service is the first to use authd in a real-life deployment.

Build

authd is written in Crystal. You’ll need the following tools to build it: crystal, shards and make.

make
make install

Run

$ authd --help

For a more extensive documentation, please read the manual for both authd and authctl.

See the configuration example to avoid long command-line parameters.

Also, extensive usage examples are available in the makefiles.

Administration

# First user in the database is an administrator.
authctl bootstrap name email

# Add a user:
authctl user add login email

For a comprehensive list of available commands, please read the authctl manual.

Real-life deployment

For a real-life deployment, you might want to enable registration. In this case, you need to get a mailer application to send template emails. See an example of such application.

Backup and migration

# Database backup.
tar cfz db.tar.gz ./db-authd

# Database migration.
tar xfz db.tar.gz

Wasn't that hard, isn't it?

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

API and design choices

See API.md and DESIGN-CHOICES.md.

2.2 KiB Raw Blame History Unescape Escape