Golang : Get login name from environment and prompt for password
Problem:
You want to write a Golang script(short program for administrating server, etc) that grab the current user's login name, but prompt for a password rather than hardcoding it into the script.
When the user enter the password, it should not have echo or masking(i.e replace the typed characters with *). Once the password has been accepted, the script will compare the password with the retrieved password from database. If the password matched, it will let it pass and perform futher operation. If not, abort.
Discussion:
It is important to prompt the login user for password again whenever the user was about to execute a script that could cause potential damage from wrong usage. Why? Security risk. The real logged in user might have walked away from his/her desktop to somewhere else leaving the terminal open for someone else to use. Such as executing some potential harmful commands. Prompting password again will minimize the security risk. For additional layer on security, you might want to conside implementing 2 Factor Authentication as well.
Solution:
Retrieve the logged-in username from the environment variable with os.Getenv() function. Prompt for password with github.com/howeyc/gopass package.
Here you go!
package main
import (
"fmt"
"log"
"github.com/howeyc/gopass"
"os"
)
func authService(username, password string) bool {
// this where you want to bcrypt the password
// first before comparing with value retrieved
// from database or other sources base on the given username
// -- this will be application specific
// for the sake of this tutorial, we just
// put the password as abc123 ( don't use this in production!!)
// REMEMBER, do not hardcode the password in your script!
var retrievedPassword string
if username != "" {
retrievedPassword = "abc123"
}
if password == retrievedPassword {
return true
} else {
return false
}
}
func main() {
// get login user name
// from environment variables
loginUser := os.Getenv("USER")
if loginUser == "" {
log.Fatalf("Unable to get username from environment variable.\n")
}
// get user to enter their password
// without echo or mask
fmt.Printf("Enter your password to execute this script: ")
passwordFromUser, err := gopass.GetPasswd() // no echo - silent
if err != nil {
log.Printf("Get password error %v\n", err)
}
authentication := authService(loginUser, string(passwordFromUser))
fmt.Println("Authenticated ? : ", authentication)
}
Sample output:
(enter wrong password)
Enter your password to execute this script:
Authenticated ? : false
(enter right password)
Enter your password to execute this script:
Authenticated ? : true
Happy coding!
References:
https://www.socketloop.com/tutorials/golang-set-get-and-list-environment-variables
https://www.socketloop.com/tutorials/golang-get-password-from-console-input-without-echo-or-masked
https://www.socketloop.com/tutorials/golang-check-if-password-length-meet-the-requirement
See also : Golang : How to implement two-factor authentication?
By Adam Ng
IF you gain some knowledge or the information here solved your programming problem. Please consider donating to the less fortunate or some charities that you like. Apart from donation, planting trees, volunteering or reducing your carbon footprint will be great too.
Advertisement
Tutorials
+5.6k CodeIgniter/PHP : Remove empty lines above RSS or ATOM xml tag
+18.2k Golang : Find IP address from string
+5.4k Unix/Linux/MacOSx : Get local IP address
+15.2k Golang : rune literal not terminated error
+11.9k Golang : md5 hash of a string
+9.4k Golang : interface - when and where to use examples
+18.9k Mac OSX : Homebrew and Golang
+7.7k Golang : What fmt.Println() can do and println() cannot do
+6.6k Mac OSX : Find large files by size
+13.9k Golang : syscall.Socket example
+11.4k SSL : The certificate is not trusted because no issuer chain was provided