⚠️ VeridianOS Kernel Documentation - This is low-level kernel code. All functions are unsafe unless explicitly marked otherwise. no_std

AuthManager

veridian_kernel::security::auth

Struct AuthManager 

Source 
pub struct AuthManager { /* private fields */ }
Expand description

Authentication manager

Implementations§

Source§

impl AuthManager

Source

pub fn new() -> Self

Create new authentication manager

Source

pub fn with_policy(policy: PasswordPolicy) -> Self

Create with a specific password policy.

Source

pub fn set_password_policy(&self, policy: PasswordPolicy)

Set the password policy.

Source

pub fn get_password_policy(&self) -> PasswordPolicy

Get the current password policy.

Source

pub fn create_user( &self, username: &'static str, password: &str, ) -> Result<UserId, KernelError>

Create new user account.

Validates the password against the active policy before creating the account.

Source

pub fn authenticate(&self, username: &str, password: &str) -> AuthResult

Authenticate user.

Checks account lock, expiration, password, and MFA status.

Source

pub fn authenticate_mfa( &self, username: &str, password: &str, mfa_token: u32, ) -> AuthResult

Authenticate with MFA

Source

pub fn change_password( &self, username: &str, old_password: &str, new_password: &str, ) -> Result<(), KernelError>

Change a user’s password.

Validates the new password against the active policy and checks password history to prevent reuse.

Source

pub fn set_account_expiration( &self, username: &str, expires_at: Option<u64>, ) -> Result<(), KernelError>

Set account expiration.

Source

pub fn enable_mfa(&self, username: &str) -> Result<[u8; 32], KernelError>

Enable MFA for user

Source

pub fn unlock_account(&self, username: &str) -> Result<(), KernelError>

Unlock user account

Source

pub fn delete_user(&self, username: &str) -> Result<(), KernelError>

Delete user account

Source

pub fn list_usernames(&self, buf: &mut [Option<&str>]) -> usize

List all usernames. Returns an iterator-friendly fixed-size collection.

Since we cannot return Vec<String> without heap allocation, callers should use with_users or iterate via the returned array.

Source

pub fn get_user_by_id(&self, user_id: UserId) -> Option<&'static str>

Get user by ID

Trait Implementations§

Source§

impl Default for AuthManager

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl !Freeze for AuthManager

§

impl !RefUnwindSafe for AuthManager

§

impl Send for AuthManager

§

impl Sync for AuthManager

§

impl Unpin for AuthManager

§

impl UnwindSafe for AuthManager

Blanket Implementations§

§

impl<T> Any for T
where T: 'static + ?Sized,

§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<T> Borrow<T> for T
where T: ?Sized,

§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
§

impl<T> BorrowMut<T> for T
where T: ?Sized,

§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> From<T> for T

§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, U> Into<U> for T
where U: From<T>,

§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of [From]<T> for U chooses to do.

§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.