Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit f46bde7

Browse files
Update User Authentication Documentation
References: mattn#581 
1 parent 55a3551 commit f46bde7

File tree

1 file changed

+28
-2
lines changed

1 file changed

+28
-2
lines changed

‎README.md‎

Lines changed: 28 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -81,8 +81,10 @@ Boolean values can be one of:
8181
| Name | Key | Value(s) | Description |
8282
|------|-----|----------|-------------|
8383
| UA - Create | `_auth` | - | Create User Authentication, for more information see [User Authentication](#user-authentication) |
84-
| UA - Username | `_auth_user` | - | Username for User Authentication, for more information see [User Authentication](#user-authentication) |
85-
| UA - Password | `_auth_pass` | - | Password for User Authentication, for more information see [User Authentication](#user-authentication) |
84+
| UA - Username | `_auth_user` | `string` | Username for User Authentication, for more information see [User Authentication](#user-authentication) |
85+
| UA - Password | `_auth_pass` | `string` | Password for User Authentication, for more information see [User Authentication](#user-authentication) |
86+
| UA - Crypt | `_auth_crypt` | <ul><li>SHA1</li><li>SSHA1</li><li>SHA256</li><li>SSHA256</li><li>SHA384</li><li>SSHA384</li><li>SHA512</li><li>SSHA512</li></ul> | Password encoder to use for User Authentication, for more information see [User Authentication](#user-authentication) |
87+
| UA - Salt | `_auth_salt` | `string` | Salt to use if the configure password encoder requires a salt, for User Authentication, for more information see [User Authentication](#user-authentication) |
8688
| Auto Vacuum | `_auto_vacuum` \| `_vacuum` | <ul><li>`0` \| `none`</li><li>`1` \| `full`</li><li>`2` \| `incremental`</li></ul> | For more information see [PRAGMA auto_vacuum](https://www.sqlite.org/pragma.html#pragma_auto_vacuum) |
8789
| Busy Timeout | `_busy_timeout` \| `_timeout` | `int` | Specify value for sqlite3_busy_timeout. For more information see [PRAGMA busy_timeout](https://www.sqlite.org/pragma.html#pragma_busy_timeout) |
8890
| Case Sensitive LIKE | `_case_sensitive_like` \| `_cslike` | `boolean` | For more information see [PRAGMA case_sensitive_like](https://www.sqlite.org/pragma.html#pragma_case_sensitive_like) |
@@ -338,6 +340,30 @@ Create an user authentication database with user `admin` and password `admin`.
338340
339341
`file:test.s3db?_auth&_auth_user=admin&_auth_pass=admin`
340342
343+
Create an user authentication database with user `admin` and password `admin` and use `SHA1` for the password encoding.
344+
345+
`file:test.s3db?_auth&_auth_user=admin&_auth_pass=admin&_auth_crypt=sha1`
346+
347+
### Password Encoding
348+
349+
The passwords within the user authentication module of SQLite are encoded with the SQLite function `sqlite_cryp`.
350+
This function uses a ceasar-cypher which is quite insecure.
351+
This library provides several additional password encoders which can be configured through the connection string.
352+
353+
The password cypher can be configured with the key `_auth_crypt`. And if the configured password encoder also requires an
354+
salt this can be configured with `_auth_salt`.
355+
356+
#### Available Encoders
357+
358+
- SHA1
359+
- SSHA1 (Salted SHA1)
360+
- SHA256
361+
- SSHA256 (salted SHA256)
362+
- SHA384
363+
- SSHA384 (salted SHA384)
364+
- SHA512
365+
- SSHA512 (salted SHA512)
366+
341367
### Restrictions
342368
343369
Operations on the database regarding to user management can only be preformed by an administrator user.

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /