Skip to content

Etherpad plugin that allows the usage of hash values for authentoication in settings.json

License

Notifications You must be signed in to change notification settings

ether/ep_hash_auth

Folders and files

NameName
Last commit message
Last commit date

Latest commit

b96eca2 · Mar 16, 2024

History

76 Commits
Mar 16, 2024
Feb 26, 2022
Sep 23, 2020
Dec 5, 2020
Dec 5, 2020
Oct 14, 2020
Feb 8, 2021
May 15, 2020
Feb 6, 2021
Mar 16, 2024
Mar 16, 2024

Repository files navigation

Publish Status Backend Tests Status

ep_hash_auth

This Etherpad plugin allows the usage of hashed passwords for authentication. As of version 2.x it uses the crypto lib and/or the bcrypt lib for comparison. Besides settings.json, it is now possible to store the user-database in a filesystem hierarchy. The hash files are read on authentication.

  "users": {
	"admin": {"password": "admin","is_admin": true},
	"y": {"is_admin": true, "hash": "b2112aa7399 ... b071ea5976"},
	"z": {"is_admin": true, "hash": "b5152ab7359 ... a041fa5646", "displayname": "Jane Doe"}
  }

optionally specify hash type and digest, folders and extension, defaults are:

  "ep_hash_auth": {
    "hash_typ": "sha512",
    "hash_dig": "hex",
    "hash_dir": "/var/etherpad/users",
    "hash_ext": "/.hash",
    "hash_adm": false,
    "displayname_ext": "/.displayname"
  },

This means user Alice would have to have her hash in sha512 hex OR in bcrypt format in the following file:

/var/etherpad/users/Alice/.hash

The hash_adm parameter defines the role of file-authenticated users, by default they are not admins.

The displayname_ext parameter defines from which file the displayname of a user can be read. If the file does not exist for a user, the displayname remains unchanged.

Generate the hashes

Bcrypt:

apt-get install -yqq python-bcrypt
python -c 'import bcrypt; print(bcrypt.hashpw(b"password", bcrypt.gensalt(rounds=10, prefix=b"2a")))'

Scrypt:

var scrypt = require('scrypt');
console.log(scrypt.kdfSync("password", scrypt.paramsSync(0.1)));

Argon2:

var argon2 = require('argon2');
argon2.hash("password", {timeCost: 4, memoryCost: 2 ** 13, parallelism: 2, type: argon2.argon2i}).then(hash => {console.log(hash);});

Credits

the npm

About

Etherpad plugin that allows the usage of hash values for authentoication in settings.json

Resources

License

Stars

Watchers

Forks

Packages

No packages published