123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248 |
- package zTinyPasswd
- import (
- "os"
- "git.swzry.com/zry/pathutils"
- "encoding/json"
- "io/ioutil"
- "sync"
- "golang.org/x/crypto/bcrypt"
- "errors"
- )
- type UserData struct {
- username string `json:"-"`
- Password string `json:"password"`
- RoleName string `json:"role"`
- External string `json:"extdata"`
- }
- type UserDatabase struct {
- UserMap map[string]UserData `json:"user_map"`
- External map[string]string `json:"external_data"`
- }
- type PasswdManager struct{
- fromFileName bool
- storage_file *os.File
- storage UserDatabase
- stlock sync.RWMutex
- }
- func NewPasswdManagerFromFileName(filename string) (*PasswdManager, error) {
- ex,_ := pathutils.PathExists(filename)
- var file *os.File
- var err error
- if !ex {
- file,err = os.Create(filename)
- if err != nil {
- return nil, err
- }
- }else {
- file,err = os.OpenFile(filename, os.O_RDWR, 0666)
- if err != nil{
- return nil, err
- }
- }
- p, err := NewPasswdManagerFromFileObject(file)
- if err == nil {
- p.fromFileName = true
- }
- return p, err
- }
- func NewPasswdManagerFromFileObject(file *os.File) (*PasswdManager, error) {
- p := &PasswdManager{
- storage_file: file,
- fromFileName: false,
- }
- jdata,err := ioutil.ReadAll(p.storage_file)
- if err != nil{
- return nil, err
- }
- if len(jdata) == 0{
- p.storage = UserDatabase{
- UserMap: make(map[string]UserData),
- External: make(map[string]string),
- }
- p.sync()
- }else {
- err = json.Unmarshal(jdata, &p.storage)
- if err != nil {
- return nil,err
- }
- }
- for k,v := range p.storage.UserMap {
- v.username = k
- }
- return p, nil
- }
- func (this *PasswdManager) Close() {
- if this.fromFileName {
- this.storage_file.Close()
- }
- }
- func (this *PasswdManager) Add(username string, passwd []byte, role string) error {
- brpasswd,err := bcrypt.GenerateFromPassword(passwd, 10)
- if err != nil{
- return err
- }
- passwdinstr := string(brpasswd)
- this.stlock.Lock()
- this.storage.UserMap[username] = UserData{
- username: username,
- Password: passwdinstr,
- RoleName: role,
- External: "",
- }
- this.stlock.Unlock()
- this.sync()
- return nil
- }
- func (this *PasswdManager) sync() error {
- this.stlock.RLock()
- defer this.stlock.RUnlock()
- jdata,err := json.MarshalIndent(this.storage, "", "\t")
- if err != nil {
- return err
- }
- this.storage_file.Truncate(0)
- this.storage_file.Seek(0,0)
- this.storage_file.Write(jdata)
- this.storage_file.Sync()
- return nil
- }
- func (this *PasswdManager) GetUserInfo(username string) (role string, external string){
- this.stlock.RLock()
- defer this.stlock.RUnlock()
- v, ok := this.storage.UserMap[username]
- if ok {
- rs := v.RoleName
- es := v.External
- return rs,es
- }else {
- return "",""
- }
- }
- func (this *PasswdManager) _getUser(username string) *UserData {
- this.stlock.RLock()
- defer this.stlock.RUnlock()
- v, ok := this.storage.UserMap[username]
- if ok {
- return &v
- }else {
- return nil
- }
- }
- func (this *PasswdManager) ListUser() []string {
- this.stlock.RLock()
- defer this.stlock.RUnlock()
- ud := make([]string, len(this.storage.UserMap))
- i := 0
- for k := range this.storage.UserMap {
- ud[i] = k
- i++
- }
- return ud
- }
- func (this *PasswdManager) Auth(username string, passwd []byte) bool {
- u := this._getUser(username)
- if u == nil {
- return false
- }
- this.stlock.RLock()
- defer this.stlock.RUnlock()
- err := bcrypt.CompareHashAndPassword([]byte(u.Password), passwd)
- if err != nil{
- return false
- }
- return true
- }
- func (this *PasswdManager) ChangePassword(username string, newpass []byte) error {
- brpasswd,err := bcrypt.GenerateFromPassword(newpass, 10)
- if err != nil{
- return err
- }
- passwdinstr := string(brpasswd)
- user := this._getUser(username)
- if user == nil{
- return errors.New("NoSuchUser")
- }
- this.stlock.Lock()
- user.Password = passwdinstr
- this.stlock.Unlock()
- this.sync()
- return nil
- }
- func (this *PasswdManager) ChangeExternal(username string, new_external string) error {
- user := this._getUser(username)
- if user == nil{
- return errors.New("NoSuchUser")
- }
- this.stlock.Lock()
- user.External = new_external
- this.stlock.Unlock()
- this.sync()
- return nil
- }
- func (this *PasswdManager) ChangeRole(username string, new_role string) error {
- user := this._getUser(username)
- if user == nil{
- return errors.New("NoSuchUser")
- }
- this.stlock.Lock()
- user.RoleName = new_role
- this.stlock.Unlock()
- this.sync()
- return nil
- }
- func (this *PasswdManager) DeleteUser(username string) error {
- this.stlock.Lock()
- defer this.stlock.Unlock()
- _, ok := this.storage.UserMap[username]
- if ok{
- delete(this.storage.UserMap, username)
- return nil
- }else {
- return errors.New("NoSuchUser")
- }
- }
- func (this *PasswdManager) RenameUser(oldname string, new_name string) error {
- user := this._getUser(oldname)
- if user == nil{
- return errors.New("NoSuchUser")
- }
- oldn := user.username
- upwd := user.Password
- role := user.RoleName
- uext := user.External
- this.DeleteUser(oldn)
- this.Add(new_name, []byte(""), role)
- this.stlock.Lock()
- nu := this.storage.UserMap[new_name]
- nu.Password = upwd
- nu.External = uext
- this.stlock.Unlock()
- return nil
- }
- func (this *PasswdManager) UserExists(username string) bool {
- u := this._getUser(username)
- if u == nil{
- return false
- }else {
- return true
- }
- }
|