1 /* 2 ** 2014-09-08 3 ** 4 ** The author disclaims copyright to this source code. In place of 5 ** a legal notice, here is a blessing: 6 ** 7 ** May you do good and not evil. 8 ** May you find forgiveness for yourself and forgive others. 9 ** May you share freely, never taking more than you give. 10 ** 11 ************************************************************************* 12 ** 13 ** This file contains the application interface definitions for the 14 ** user-authentication extension feature. 15 ** 16 ** To compile with the user-authentication feature, append this file to 17 ** end of an SQLite amalgamation header file ("sqlite3.h"), then add 18 ** the SQLITE_USER_AUTHENTICATION compile-time option. See the 19 ** user-auth.txt file in the same source directory as this file for 20 ** additional information. 21 */ 22 #ifdef SQLITE_USER_AUTHENTICATION 23 24 /* 25 ** If a database contains the SQLITE_USER table, then the 26 ** sqlite3_user_authenticate() interface must be invoked with an 27 ** appropriate username and password prior to enable read and write 28 ** access to the database. 29 ** 30 ** Return SQLITE_OK on success or SQLITE_ERROR if the username/password 31 ** combination is incorrect or unknown. 32 ** 33 ** If the SQLITE_USER table is not present in the database file, then 34 ** this interface is a harmless no-op returnning SQLITE_OK. 35 */ 36 int sqlite3_user_authenticate( 37 sqlite3 *db, /* The database connection */ 38 const char *zUsername, /* Username */ 39 const char *aPW, /* Password or credentials */ 40 int nPW /* Number of bytes in aPW[] */ 41 ); 42 43 /* 44 ** The sqlite3_user_add() interface can be used (by an admin user only) 45 ** to create a new user. When called on a no-authentication-required 46 ** database, this routine converts the database into an authentication- 47 ** required database, automatically makes the added user an 48 ** administrator, and logs in the current connection as that user. 49 ** The sqlite3_user_add() interface only works for the "main" database, not 50 ** for any ATTACH-ed databases. Any call to sqlite3_user_add() by a 51 ** non-admin user results in an error. 52 */ 53 int sqlite3_user_add( 54 sqlite3 *db, /* Database connection */ 55 const char *zUsername, /* Username to be added */ 56 const char *aPW, /* Password or credentials */ 57 int nPW, /* Number of bytes in aPW[] */ 58 int isAdmin /* True to give new user admin privilege */ 59 ); 60 61 /* 62 ** The sqlite3_user_change() interface can be used to change a users 63 ** login credentials or admin privilege. Any user can change their own 64 ** login credentials. Only an admin user can change another users login 65 ** credentials or admin privilege setting. No user may change their own 66 ** admin privilege setting. 67 */ 68 int sqlite3_user_change( 69 sqlite3 *db, /* Database connection */ 70 const char *zUsername, /* Username to change */ 71 const char *aPW, /* New password or credentials */ 72 int nPW, /* Number of bytes in aPW[] */ 73 int isAdmin /* Modified admin privilege for the user */ 74 ); 75 76 /* 77 ** The sqlite3_user_delete() interface can be used (by an admin user only) 78 ** to delete a user. The currently logged-in user cannot be deleted, 79 ** which guarantees that there is always an admin user and hence that 80 ** the database cannot be converted into a no-authentication-required 81 ** database. 82 */ 83 int sqlite3_user_delete( 84 sqlite3 *db, /* Database connection */ 85 const char *zUsername /* Username to remove */ 86 ); 87 88 #endif /* SQLITE_USER_AUTHENTICATION */ 89