ExFTP.Auth.PassthroughAuth (ExFTP v1.0.4)
View SourceWhen authenticator is ExFTP.Auth.PassthroughAuth, this authenticator will require credentials,
but accepts any user and password combination who isn't root.
๐ Security
Don't use PassthroughAuth for production servers.
โ๏ธ Configuration
Keys
- authenticator ==
ExFTP.Auth.PassthroughAuth - authenticator_config ==
%{}
Example
%{
# ... ,
authenticator: ExFTP.Auth.PassthroughAuth,
authenticator_config: %{}
}๐ See Also
๐ Resources
- ๐ RFC 959 (section-4)
- ๐ RFC 3659
- ๐ฌ Contact the maintainer (he's happy to help!)
Summary
Functions
Assumes the user is still authenticated as long as authenticated: true
still exists in the authenticator_state.
Login will respond {:ok, unmodified_auth_state} to anyone but username: "root"
Returns true if username is anything except "root"
Functions
@spec authenticated?(authenticator_state :: ExFTP.Authenticator.authenticator_state()) :: boolean()
Assumes the user is still authenticated as long as authenticated: true
still exists in the authenticator_state.
๐ท๏ธ Params
- authenticator_state ::
ExFTP.Authenticator.authenticator_state/0
โคต๏ธ Returns
โ On Success
`true` or `false`๐ป Examples
iex> alias ExFTP.Auth.PassthroughAuth
iex> PassthroughAuth.authenticated?(%{authenticated: true})
true
iex> PassthroughAuth.authenticated?(%{})
false@spec login( password :: ExFTP.Authenticator.password(), authenticator_state :: ExFTP.Authenticator.authenticator_state() ) :: {:ok, ExFTP.Authenticator.authenticator_state()} | {:error, term()}
Login will respond {:ok, unmodified_auth_state} to anyone but username: "root"
๐ท๏ธ Params
- password ::
ExFTP.Authenticator.password/0 - authenticator_state ::
ExFTP.Authenticator.authenticator_state/0
โคต๏ธ Returns
โ On Success
{:ok, authenticator_state}โ On Failure
{:error, bad_login}๐ป Examples
iex> alias ExFTP.Auth.PassthroughAuth
iex> {:ok, _auth_state} = PassthroughAuth.login("password", %{username: "jsmith"})
iex> {:error, _} = PassthroughAuth.login("password", %{})
iex> # "root" is a disallowed user in PassthroughAuth
iex> {:error, _} = PassthroughAuth.login("password", %{username: "root"})@spec valid_user?(username :: ExFTP.Authenticator.username()) :: boolean()
Returns true if username is anything except "root"
๐ท๏ธ Params
- username ::
ExFTP.Authenticator.username/0
โคต๏ธ Returns
โ On Success
`true` or `false`๐ป Examples
iex> alias ExFTP.Auth.PassthroughAuth
iex> PassthroughAuth.valid_user?("jsmith")
true
iex> PassthroughAuth.valid_user?("root")
falseโ ๏ธ Reminders
๐ Security
The client will never be informed that a username is invalid.
The server uses this method to short-circuit bad auth calls.