~goorzhel/radm

ref: b4ca8d0dde821420d66d488db969c0f7c5da5f6b radm/src/pam.rs -rw-r--r-- 1.0 KiB
b4ca8d0d — Antonio Gurgel 0.3.0 4 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
//! PAM support.

use anyhow::{Context, Result};
use pam::{Client, PasswordConv};

use crate::{
    auth::Authenticator,
    tui::{prompt, EchoInput},
};

/// A basic PAM authenticator that takes a username and password.
pub struct PamPassword<'a> {
    username: String,
    client: Client<'a, PasswordConv>,
}

impl<'a> PamPassword<'a> {
    pub fn new(username: String) -> Result<Self> {
        let client = Client::with_password("login").context("Couldn't init PAM client")?;
        Ok(Self { username, client })
    }
}

impl<'a> Authenticator for PamPassword<'a> {
    fn authenticate(&mut self) -> Result<()> {
        let username = &self.username;
        let password = prompt("Password", EchoInput::Silent)?;
        trace!("Authenticating {} with password through PAM", username);
        self.client
            .conversation_mut()
            .set_credentials(username, password);
        self.client.authenticate()?;
        self.client.open_session()?;
        Ok(())
    }
    fn username(&self) -> &str {
        &self.username
    }
}