Python bindings to the LibreAuth library. https://pypi.org/project/libreauth/
This repository has been archived on 2023-09-20. You can view files and clone it, but cannot push or open issues or pull requests.
Find a file
2017-12-16 19:27:03 +01:00
libreauth Add the password sub-module 2017-12-16 19:21:18 +01:00
tests Add the password sub-module 2017-12-16 19:21:18 +01:00
.gitignore first commit 2017-11-26 21:39:20 +01:00
CHANGELOG.md first commit 2017-11-26 21:39:20 +01:00
CONTRIBUTING.md first commit 2017-11-26 21:39:20 +01:00
LICENSE-EN.txt first commit 2017-11-26 21:39:20 +01:00
LICENSE-FR.txt first commit 2017-11-26 21:39:20 +01:00
MANIFEST.in Add the password sub-module 2017-12-16 19:21:18 +01:00
Pipfile Add the password sub-module 2017-12-16 19:21:18 +01:00
Pipfile.lock Add the password sub-module 2017-12-16 19:21:18 +01:00
README.rst Fix reStructuredText sub-lists 2017-12-16 19:27:03 +01:00
setup.cfg Add the password sub-module 2017-12-16 19:21:18 +01:00
setup.py Add the password sub-module 2017-12-16 19:21:18 +01:00

Python LibreAuth
================

Python bindings to the LibreAuth library.
LibreAuth is a collection of tools for user authentication written in Rust.


Features
--------

This is a work in progress. Some features may not be available.

* Password / passphrase authentication

  - ✓ no character-set limitation
  - ✓ reasonable lenth limit ([security vs. DOS](http://arstechnica.com/security/2013/09/long-passwords-are-good-but-too-much-length-can-be-bad-for-security/))
  - ✓ strong, evolutive and retro-compatible password hashing functions
  - ✓ optional NIST Special Publication 800-63B compatibility

* HOTP - HMAC-based One-time Password Algorithm ([OATH](http://www.openauthentication.org/) - [RFC 4226](https://tools.ietf.org/html/rfc4226))

  - ✗ the key can be passed as bytes, an ASCII string, an hexadicimal string or a base32 string
  - ✗ customizable counter
  - ✗ customizable hash function (sha1, sha256, sha512)
  - ✗ customizable output length
  - ✗ customizable output alphabet

* TOTP - Time-based One-time Password Algorithm ([OATH](http://www.openauthentication.org/) - [RFC 6238](https://tools.ietf.org/html/rfc6238))

  - ✗ the key can be passed as bytes, an ASCII string, an hexadicimal string or a base32 string
  - ✗ customizable timestamp
  - ✗ customizable period
  - ✗ customizable initial time (T0)
  - ✗ customizable hash function (sha1, sha256, sha512)
  - ✗ customizable output length
  - ✗ customizable output alphabet
  - ✗ customizable positive and negative period tolerance


Requirements
------------

LibreAuth 0.6 or higher.