The hunchentoot-auth Reference Manual

Next: , Previous: , Up: (dir)   [Contents][Index]

The hunchentoot-auth Reference Manual

This is the hunchentoot-auth Reference Manual, version 0.2.1, generated automatically by Declt version 4.0 beta 2 "William Riker" on Mon Aug 15 04:51:04 2022 GMT+0.

Table of Contents


1 Introduction


hunchentoot-auth

This package is for implementing user authentication with passwords
for the hunchentoot Common Lisp web server.

The core unit of hunchentoot-auth is the realm. Currently a realm is
just a persistent "bag" for holding users and their associated (hashed)
passwords, along with the beginnings of support for groups. 

In the initial incarnation, realms use the cl-store module for storing
the users and groups information for the realm. This is clearly not
the most efficient approach, but works well enough for a small number
of users.

To create a realm, one can use a lisp expression such as:


  (defparamter *test-realm-directory "/tmp/myrealm/")

  (ensure-directories-exist *test-realm-directory*)

  (defparameter *test-realm*
    (make-instance 'ht-auth:realm
                   :user-storage-path
                   (merge-pathnames "users.store"
                                    *test-realm-directory*)
                   :group-storage-path
                   (merge-pathnames "groups.store"
                                    *test-realm-directory*)))


Then to add users to the realm, one would use the following code:


  (ht-auth:add-user *test-realm* "alice" "secret1")


This would add the user "alice" to the realm with the password
"secret1". Note that the password is not directly stored in the
persistent storage, but rather the password is appended to a random
(per-user) salt (which is stored in the persistent database) and this
salted uesr name is then hashed using the MD5 hashing algorithm. The
hash of the salted password is stored in the database. To subsequently
verify if a given password matches that of the user, the (per-user)
salt is prepened to the candidate password, this string is then hashed
and compared to the hash stored in the realm.


2 Systems

The main system appears first, followed by any subsystem dependency.


Previous: , Up: Systems   [Contents][Index]

2.1 hunchentoot-auth

Author

Cyrus Harmon <ch-lisp@bobobeach.com>

License

BSD

Version

0.2.1

Dependencies
  • hunchentoot (system).
  • cl-who (system).
  • cl-store (system).
  • bordeaux-threads (system).
Source

hunchentoot-auth.asd.

Child Components

3 Files

Files are sorted by type and then listed depth-first from the systems components trees.


Previous: , Up: Files   [Contents][Index]

3.1 Lisp


3.1.1 hunchentoot-auth/hunchentoot-auth.asd

Source

hunchentoot-auth.asd.

Parent Component

hunchentoot-auth (system).

ASDF Systems

hunchentoot-auth.


3.1.2 hunchentoot-auth/defpackage.lisp

Source

hunchentoot-auth.asd.

Parent Component

hunchentoot-auth (system).

Packages

hunchentoot-auth.


3.1.3 hunchentoot-auth/realm.lisp

Dependency

defpackage.lisp (file).

Source

hunchentoot-auth.asd.

Parent Component

hunchentoot-auth (system).

Public Interface
Internals

3.1.4 hunchentoot-auth/hunchentoot-auth.lisp

Dependencies
Source

hunchentoot-auth.asd.

Parent Component

hunchentoot-auth (system).

Public Interface
Internals

4 Packages

Packages are listed by definition order.


Previous: , Up: Packages   [Contents][Index]

4.1 hunchentoot-auth

Source

defpackage.lisp.

Nickname

ht-auth

Use List
  • cl-who.
  • common-lisp.
  • hunchentoot.
Public Interface
Internals

5 Definitions

Definitions are sorted by export status, category, package, and then by lexicographic order.


Next: , Previous: , Up: Definitions   [Contents][Index]

5.1 Public Interface


5.1.1 Macros

Macro: authorized-page ((realm &key use-ssl ssl-port login-page-function) &rest body)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.


5.1.2 Ordinary functions

Function: generate-html-login (&key user password)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.

Function: get-realm-user (realm name)
Package

hunchentoot-auth.

Source

realm.lisp.

Function: get-realm-user-names (realm)
Package

hunchentoot-auth.

Source

realm.lisp.

Function: get-realm-users (realm)
Package

hunchentoot-auth.

Source

realm.lisp.

Function: session-realm-user (realm)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.

Function: (setf session-realm-user) (realm)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.

Function: session-realm-user-authenticated-p (realm)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.

Function: (setf session-realm-user-authenticated-p) (realm)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.


5.1.3 Generic functions

Generic Function: add-group (realm group)

Adds a new group named group with the specified realm.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: add-group ((realm realm) (name string))
Generic Function: add-user (realm user password &key full-name)

Adds a new user with the specified password in this realm.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: add-user ((realm realm) (name string) (password string) &key full-name)
Generic Function: check-password (realm user password)

Returns T if the given user/password combination is valid in this realm, otherwise returns NIL.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: check-password ((realm realm) (name string) password)
Method: check-password ((realm realm) (user user) password)
Generic Function: delete-user (realm user)

Removes the user with the specified name from this realm.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: delete-user ((realm realm) (name string))
Generic Function: read-realm-groups (realm)

Read the groups for this realm from the group file.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: read-realm-groups ((realm realm))
Generic Function: read-realm-users (realm)

Read the users for this realm from the password file.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: read-realm-users ((realm realm))
Generic Function: set-password (realm user password)

Sets the password for the specified user in this realm.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: set-password ((realm realm) (name string) password)
Method: set-password ((realm realm) (user user) password)
Generic Reader: user-name (object)
Package

hunchentoot-auth.

Methods
Reader Method: user-name ((user user))

automatically generated reader method

Source

realm.lisp.

Target Slot

name.

Generic Writer: (setf user-name) (object)
Package

hunchentoot-auth.

Methods
Writer Method: (setf user-name) ((user user))

automatically generated writer method

Source

realm.lisp.

Target Slot

name.


5.1.4 Standalone methods

Method: shared-initialize :after ((realm realm) slot-names &rest initargs)
Source

realm.lisp.


5.1.5 Classes

Class: realm

Objects of this class represent realms for which a given user/password scheme should apply.

Package

hunchentoot-auth.

Source

realm.lisp.

Direct methods
Direct slots
Slot: users

A hash-table for the users and passwords
for this realm. The keys are the user names (strings) and the values are instances of the class user.

Initform

(make-hash-table :test (function equal))

Readers

realm-users.

Writers

(setf realm-users).

Slot: user-storage-path

The path to the file in
which to store the password hash-table.

Initargs

:user-storage-path

Readers

realm-user-storage-path.

Writers

(setf realm-user-storage-path).

Slot: groups

A hash-table for the groups for this
realm. The keys are the group names (strings) and the values instances of the class group

Initform

(make-hash-table :test (function equal))

Readers

realm-groups.

Writers

(setf realm-groups).

Slot: group-storage-path

The path to the file in
which to store the group hash-table.

Initargs

:group-storage-path

Readers

realm-group-storage-path.

Writers

(setf realm-group-storage-path).


5.2 Internals


Next: , Previous: , Up: Internals   [Contents][Index]

5.2.1 Special variables

Special Variable: *password-file-lock*
Package

hunchentoot-auth.

Source

realm.lisp.

Special Variable: *password-lock*
Package

hunchentoot-auth.

Source

realm.lisp.


5.2.2 Macros

Macro: with-html (&body body)

Executes BODY inside a cl-who:with-html-output body.

Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.

Macro: with-html-page (&body body)

Executes BODY inside a cl-who:with-html-output-to-string body, directing the output to *standard-output* and setting :prologue to t.

Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.


Next: , Previous: , Up: Internals   [Contents][Index]

5.2.3 Ordinary functions

Function: create-authorized-dispatcher (uri-base realm dispatcher &key use-ssl ssl-port login-page-function)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.

Function: get-realm-group-names (realm)
Package

hunchentoot-auth.

Source

realm.lisp.

Function: get-realm-groups (realm)
Package

hunchentoot-auth.

Source

realm.lisp.

Function: hash-keys (hash)
Package

hunchentoot-auth.

Source

realm.lisp.

Function: hash-values (hash)
Package

hunchentoot-auth.

Source

realm.lisp.

Function: login-page (&key title)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.

Function: parse-host-name-and-port (host-and-port)
Package

hunchentoot-auth.

Source

hunchentoot-auth.lisp.

Function: random-string (length)

Return a random string of the characters [a-zA-Z] of the specified length.

Package

hunchentoot-auth.

Source

realm.lisp.


Next: , Previous: , Up: Internals   [Contents][Index]

5.2.4 Generic functions

Generic Function: add-group-user (realm group user)
Package

hunchentoot-auth.

Methods
Method: add-group-user ((realm realm) (group group) (user user))
Source

realm.lisp.

Generic Reader: group-name (object)
Package

hunchentoot-auth.

Methods
Reader Method: group-name ((group group))

automatically generated reader method

Source

realm.lisp.

Target Slot

name.

Generic Writer: (setf group-name) (object)
Package

hunchentoot-auth.

Methods
Writer Method: (setf group-name) ((group group))

automatically generated writer method

Source

realm.lisp.

Target Slot

name.

Generic Reader: group-users (object)
Package

hunchentoot-auth.

Methods
Reader Method: group-users ((group group))

automatically generated reader method

Source

realm.lisp.

Target Slot

users.

Generic Writer: (setf group-users) (object)
Package

hunchentoot-auth.

Methods
Writer Method: (setf group-users) ((group group))

automatically generated writer method

Source

realm.lisp.

Target Slot

users.

Generic Reader: realm-group-storage-path (object)
Generic Writer: (setf realm-group-storage-path) (object)
Package

hunchentoot-auth.

Methods
Reader Method: realm-group-storage-path ((realm realm))
Writer Method: (setf realm-group-storage-path) ((realm realm))

The path to the file in
which to store the group hash-table.

Source

realm.lisp.

Target Slot

group-storage-path.

Generic Reader: realm-groups (object)
Generic Writer: (setf realm-groups) (object)
Package

hunchentoot-auth.

Methods
Reader Method: realm-groups ((realm realm))
Writer Method: (setf realm-groups) ((realm realm))

A hash-table for the groups for this
realm. The keys are the group names (strings) and the values instances of the class group

Source

realm.lisp.

Target Slot

groups.

Generic Reader: realm-user-storage-path (object)
Generic Writer: (setf realm-user-storage-path) (object)
Package

hunchentoot-auth.

Methods
Reader Method: realm-user-storage-path ((realm realm))
Writer Method: (setf realm-user-storage-path) ((realm realm))

The path to the file in
which to store the password hash-table.

Source

realm.lisp.

Target Slot

user-storage-path.

Generic Reader: realm-users (object)
Generic Writer: (setf realm-users) (object)
Package

hunchentoot-auth.

Methods
Reader Method: realm-users ((realm realm))
Writer Method: (setf realm-users) ((realm realm))

A hash-table for the users and passwords
for this realm. The keys are the user names (strings) and the values are instances of the class user.

Source

realm.lisp.

Target Slot

users.

Generic Function: store-realm-groups (realm)

Store the groups for this realm in the group file.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: store-realm-groups ((realm realm))
Generic Function: store-realm-users (realm)

Store the users for this realm in the password file.

Package

hunchentoot-auth.

Source

realm.lisp.

Methods
Method: store-realm-users ((realm realm))
Generic Reader: user-full-name (object)
Package

hunchentoot-auth.

Methods
Reader Method: user-full-name ((user user))

automatically generated reader method

Source

realm.lisp.

Target Slot

full-name.

Generic Writer: (setf user-full-name) (object)
Package

hunchentoot-auth.

Methods
Writer Method: (setf user-full-name) ((user user))

automatically generated writer method

Source

realm.lisp.

Target Slot

full-name.

Generic Reader: user-password (object)
Package

hunchentoot-auth.

Methods
Reader Method: user-password ((user user))

automatically generated reader method

Source

realm.lisp.

Target Slot

password.

Generic Writer: (setf user-password) (object)
Package

hunchentoot-auth.

Methods
Writer Method: (setf user-password) ((user user))

automatically generated writer method

Source

realm.lisp.

Target Slot

password.

Generic Reader: user-password-salt (object)
Package

hunchentoot-auth.

Methods
Reader Method: user-password-salt ((user user))

automatically generated reader method

Source

realm.lisp.

Target Slot

password-salt.

Generic Writer: (setf user-password-salt) (object)
Package

hunchentoot-auth.

Methods
Writer Method: (setf user-password-salt) ((user user))

automatically generated writer method

Source

realm.lisp.

Target Slot

password-salt.


Previous: , Up: Internals   [Contents][Index]

5.2.5 Classes

Class: group
Package

hunchentoot-auth.

Source

realm.lisp.

Direct methods
Direct slots
Slot: name
Initargs

:name

Readers

group-name.

Writers

(setf group-name).

Slot: users
Initform

(make-hash-table)

Readers

group-users.

Writers

(setf group-users).

Class: user
Package

hunchentoot-auth.

Source

realm.lisp.

Direct methods
Direct slots
Slot: name
Initargs

:name

Readers

user-name.

Writers

(setf user-name).

Slot: full-name
Initargs

:full-name

Readers

user-full-name.

Writers

(setf user-full-name).

Slot: password
Initform

""

Initargs

:password

Readers

user-password.

Writers

(setf user-password).

Slot: password-salt
Initargs

:password-salt

Readers

user-password-salt.

Writers

(setf user-password-salt).


Appendix A Indexes


Next: , Previous: , Up: Indexes   [Contents][Index]

A.1 Concepts


Next: , Previous: , Up: Indexes   [Contents][Index]

A.2 Functions

Jump to:   (  
A   C   D   F   G   H   L   M   P   R   S   U   W  
Index Entry  Section

(
(setf group-name): Private generic functions
(setf group-name): Private generic functions
(setf group-users): Private generic functions
(setf group-users): Private generic functions
(setf realm-group-storage-path): Private generic functions
(setf realm-group-storage-path): Private generic functions
(setf realm-groups): Private generic functions
(setf realm-groups): Private generic functions
(setf realm-user-storage-path): Private generic functions
(setf realm-user-storage-path): Private generic functions
(setf realm-users): Private generic functions
(setf realm-users): Private generic functions
(setf session-realm-user): Public ordinary functions
(setf session-realm-user-authenticated-p): Public ordinary functions
(setf user-full-name): Private generic functions
(setf user-full-name): Private generic functions
(setf user-name): Public generic functions
(setf user-name): Public generic functions
(setf user-password): Private generic functions
(setf user-password): Private generic functions
(setf user-password-salt): Private generic functions
(setf user-password-salt): Private generic functions

A
add-group: Public generic functions
add-group: Public generic functions
add-group-user: Private generic functions
add-group-user: Private generic functions
add-user: Public generic functions
add-user: Public generic functions
authorized-page: Public macros

C
check-password: Public generic functions
check-password: Public generic functions
check-password: Public generic functions
create-authorized-dispatcher: Private ordinary functions

D
delete-user: Public generic functions
delete-user: Public generic functions

F
Function, (setf session-realm-user): Public ordinary functions
Function, (setf session-realm-user-authenticated-p): Public ordinary functions
Function, create-authorized-dispatcher: Private ordinary functions
Function, generate-html-login: Public ordinary functions
Function, get-realm-group-names: Private ordinary functions
Function, get-realm-groups: Private ordinary functions
Function, get-realm-user: Public ordinary functions
Function, get-realm-user-names: Public ordinary functions
Function, get-realm-users: Public ordinary functions
Function, hash-keys: Private ordinary functions
Function, hash-values: Private ordinary functions
Function, login-page: Private ordinary functions
Function, parse-host-name-and-port: Private ordinary functions
Function, random-string: Private ordinary functions
Function, session-realm-user: Public ordinary functions
Function, session-realm-user-authenticated-p: Public ordinary functions

G
generate-html-login: Public ordinary functions
Generic Function, (setf group-name): Private generic functions
Generic Function, (setf group-users): Private generic functions
Generic Function, (setf realm-group-storage-path): Private generic functions
Generic Function, (setf realm-groups): Private generic functions
Generic Function, (setf realm-user-storage-path): Private generic functions
Generic Function, (setf realm-users): Private generic functions
Generic Function, (setf user-full-name): Private generic functions
Generic Function, (setf user-name): Public generic functions
Generic Function, (setf user-password): Private generic functions
Generic Function, (setf user-password-salt): Private generic functions
Generic Function, add-group: Public generic functions
Generic Function, add-group-user: Private generic functions
Generic Function, add-user: Public generic functions
Generic Function, check-password: Public generic functions
Generic Function, delete-user: Public generic functions
Generic Function, group-name: Private generic functions
Generic Function, group-users: Private generic functions
Generic Function, read-realm-groups: Public generic functions
Generic Function, read-realm-users: Public generic functions
Generic Function, realm-group-storage-path: Private generic functions
Generic Function, realm-groups: Private generic functions
Generic Function, realm-user-storage-path: Private generic functions
Generic Function, realm-users: Private generic functions
Generic Function, set-password: Public generic functions
Generic Function, store-realm-groups: Private generic functions
Generic Function, store-realm-users: Private generic functions
Generic Function, user-full-name: Private generic functions
Generic Function, user-name: Public generic functions
Generic Function, user-password: Private generic functions
Generic Function, user-password-salt: Private generic functions
get-realm-group-names: Private ordinary functions
get-realm-groups: Private ordinary functions
get-realm-user: Public ordinary functions
get-realm-user-names: Public ordinary functions
get-realm-users: Public ordinary functions
group-name: Private generic functions
group-name: Private generic functions
group-users: Private generic functions
group-users: Private generic functions

H
hash-keys: Private ordinary functions
hash-values: Private ordinary functions

L
login-page: Private ordinary functions

M
Macro, authorized-page: Public macros
Macro, with-html: Private macros
Macro, with-html-page: Private macros
Method, (setf group-name): Private generic functions
Method, (setf group-users): Private generic functions
Method, (setf realm-group-storage-path): Private generic functions
Method, (setf realm-groups): Private generic functions
Method, (setf realm-user-storage-path): Private generic functions
Method, (setf realm-users): Private generic functions
Method, (setf user-full-name): Private generic functions
Method, (setf user-name): Public generic functions
Method, (setf user-password): Private generic functions
Method, (setf user-password-salt): Private generic functions
Method, add-group: Public generic functions
Method, add-group-user: Private generic functions
Method, add-user: Public generic functions
Method, check-password: Public generic functions
Method, check-password: Public generic functions
Method, delete-user: Public generic functions
Method, group-name: Private generic functions
Method, group-users: Private generic functions
Method, read-realm-groups: Public generic functions
Method, read-realm-users: Public generic functions
Method, realm-group-storage-path: Private generic functions
Method, realm-groups: Private generic functions
Method, realm-user-storage-path: Private generic functions
Method, realm-users: Private generic functions
Method, set-password: Public generic functions
Method, set-password: Public generic functions
Method, shared-initialize: Public standalone methods
Method, store-realm-groups: Private generic functions
Method, store-realm-users: Private generic functions
Method, user-full-name: Private generic functions
Method, user-name: Public generic functions
Method, user-password: Private generic functions
Method, user-password-salt: Private generic functions

P
parse-host-name-and-port: Private ordinary functions

R
random-string: Private ordinary functions
read-realm-groups: Public generic functions
read-realm-groups: Public generic functions
read-realm-users: Public generic functions
read-realm-users: Public generic functions
realm-group-storage-path: Private generic functions
realm-group-storage-path: Private generic functions
realm-groups: Private generic functions
realm-groups: Private generic functions
realm-user-storage-path: Private generic functions
realm-user-storage-path: Private generic functions
realm-users: Private generic functions
realm-users: Private generic functions

S
session-realm-user: Public ordinary functions
session-realm-user-authenticated-p: Public ordinary functions
set-password: Public generic functions
set-password: Public generic functions
set-password: Public generic functions
shared-initialize: Public standalone methods
store-realm-groups: Private generic functions
store-realm-groups: Private generic functions
store-realm-users: Private generic functions
store-realm-users: Private generic functions

U
user-full-name: Private generic functions
user-full-name: Private generic functions
user-name: Public generic functions
user-name: Public generic functions
user-password: Private generic functions
user-password: Private generic functions
user-password-salt: Private generic functions
user-password-salt: Private generic functions

W
with-html: Private macros
with-html-page: Private macros

Jump to:   (  
A   C   D   F   G   H   L   M   P   R   S   U   W