libfossil
fossil-auth.h File Reference
#include "fossil-core.h"

Go to the source code of this file.

Functions

FSL_EXPORT int fsl_repo_login_clear (fsl_cx *f, fsl_id_t userId)
 Clears all login state for the given user ID. More...
 
FSL_EXPORT char * fsl_repo_login_cookie_name (fsl_cx *f)
 Fetches the login cookie name associated with the current repository db, or 0 if no repository is opened. More...
 
FSL_EXPORT char * fsl_repo_login_group_name (fsl_cx *f)
 Fetches the login group name (if any) for the given context's current repositorty db. More...
 
FSL_EXPORT int fsl_repo_login_search_uid (fsl_cx *f, char const *zUsername, char const *zPasswd, fsl_id_t *pId)
 Searches for a user ID (from the repo.user.uid DB field) for a given username and password. More...
 
FSL_EXPORT char * fsl_sha1_shared_secret (fsl_cx *f, char const *zLoginName, char const *zPw)
 If f has an opened repository, this function forms a hash from: More...
 

Function Documentation

FSL_EXPORT int fsl_repo_login_clear ( fsl_cx f,
fsl_id_t  userId 
)

Clears all login state for the given user ID.

If the ID is <=0 then ALL logins are cleared. Has no effect on the built-in pseudo-users.

Returns non-0 on error, and not finding a matching user ID is not considered an error.

f must have an opened repo, or FSL_RC_NOT_A_REPO is returned.

TODO: there are currently no APIs for _setting_ the state this function clears!

FSL_EXPORT char* fsl_repo_login_cookie_name ( fsl_cx f)

Fetches the login cookie name associated with the current repository db, or 0 if no repository is opened.

The returned (NUL-terminated) string is owned by the caller, who must eventually fsl_free() it. The value is not cached in f because it may change during the lifetime of a repo (if a login group is set or removed).

The login cookie name is a string in the form "fossil-XXX", where XXX is the first 16 hex digits of either the repo's 'login-group-code' or 'project-code' config values (in that order).

FSL_EXPORT char* fsl_repo_login_group_name ( fsl_cx f)

Fetches the login group name (if any) for the given context's current repositorty db.

If f has no opened repo, 0 is returned.

If the repo belongs to a login group, its name is returned in the form of a NUL-terminated string. The returned value (which may be 0) is owned by the caller, who must eventually fsl_free() it. The value (unlike in fossil(1)) is not cached because it may change via modification of the login group.

FSL_EXPORT int fsl_repo_login_search_uid ( fsl_cx f,
char const *  zUsername,
char const *  zPasswd,
fsl_id_t pId 
)

Searches for a user ID (from the repo.user.uid DB field) for a given username and password.

The password may be either its hashed form or non-hashed form (if it is not exactly 40 bytes long, that is!).

On success, 0 is returned and *pId holds the ID of the user found (if any). *pId will be set to 0 if no match for the name/password was found, or positive if a match was found.

If any of the arguments are NULL, FSL_RC_MISUSE is returned. f must have an opened repo, else FSL_RC_NOT_A_REPO is returned.

FSL_EXPORT char* fsl_sha1_shared_secret ( fsl_cx f,
char const *  zLoginName,
char const *  zPw 
)

If f has an opened repository, this function forms a hash from:

"ProjectCode/zLoginName/zPw"

(without the quotes)

where ProjectCode is a repository-instance-dependent series of random bytes. The returned string is owned by the caller, who must eventually fsl_free() it. The project code is stored in the repository's config table under the key 'project-code', and this routine fetches that key if necessary.

Potential TODO:

  • in fossil(1), this function generates a different result (it returns a copy of zPw) if the project code is not set, under the assumption that this is "the first xfer request of a clone." Whether or not that will apply at this level to libfossil remains to be seen.