User Authentication
This package supports the SQLite User Authentication module.
To use the User authentication module the package has to be compiled with the tag sqlite_userauth. See Features.
In order to create a protected database the DSN option user and pass are minimal required.
**When creating a protected database the given user which creates the database will automatically be added as an admin user.
Create an user authentication database with user admin and password admin.
file:test.s3db?user=admin&pass=admin
Create an user authentication database with user admin and password admin and used the built-in SHA512 Encoder with salt: salted.
file:test.s3db?user=admin&pass=admin&salt=salted&crypt=ssha512
For more information about user / password encryption see Crypt Encoders.
Operations on the database regarding to user management can only be preformed by an administrator user.
The user authentication supports two kinds of users
- administrators
- regular users
User management can be done by directly using the *SQLiteConn or by SQL.
The following sql functions are available for user management.
| Function | Arguments | Description |
|---|---|---|
authenticate |
username string, password string
|
Will authenticate an user, this is done by the connection; and should not be used manually. |
auth_user_add |
username string, password string, admin int
|
This function will add an user to the database. if the database is not protected by user authentication it will enable it. Argument admin is an integer identifying if the added user should be an administrator. Only Administrators can add administrators. |
auth_user_change |
username string, password string, admin int
|
Function to modify an user. Users can change their own password, but only an administrator can change the administrator flag. |
authUserDelete |
username string
|
Delete an user from the database. Can only be used by an administrator. The current logged in administrator cannot be deleted. This is to make sure their is always an administrator remaining. |
These functions will return an integer.
| INT | TXT | Description |
|---|---|---|
| 0 | SQLITE_OK |
OK |
| 23 | SQLITE_AUTH |
Failed to perform due to authentication or insufficient privileges |
// Autheticate user
// Create Admin User
SELECT auth_user_add('admin2', 'admin2', 1);
// Change password for user
SELECT auth_user_change('user', 'userpassword', 0);
// Delete user
SELECT user_delete('user');The following functions are available for User authentication from the *SQLiteConn.
| Function | Description |
|---|---|
Authenticate(username, password string) error |
Authenticate user |
AuthUserAdd(username, password string, admin bool) error |
Add user |
AuthUserChange(username, password string, admin bool) error |
Modify user |
AuthUserDelete(username string) error |
Delete user |
When using attached databases. SQLite will use the authentication from the main database for the attached database(s).