# PFUG

PFUG (**P**ermissions **F**or **U**sers & **G**roups) is a lightweight framework for the implementation of users, groups and their permissions.
To keep the footprint small, only the most basic elements are implemented. However, the most important requirements can be met.
[Argon2id](https://github.com/p-h-c/phc-winner-argon2) is used as the password hashing method, while a unique 32-byte salt is generated for each user.

## Example

```go
package main

import (
	"errors"
	"fmt"

	"git.0x0001f346.de/andreas/pfug"
)

var allGroups map[string]pfug.Group = map[string]pfug.Group{
	"mastersOfSecrets": pfug.CreateGroup("mastersOfSecrets"),
	"ordinaryPeople":   pfug.CreateGroup("ordinaryPeople"),
}

var accessToSecrets pfug.Permission = pfug.CreatePermission("accessToSecrets")

func getSecret(user pfug.User) string {
	for _, group := range allGroups {
		if !group.HasUserAsMember(user) {
			continue
		}

		if !group.HasPermission(accessToSecrets) {
			continue
		}

		return "Epstein didn't kill himself"
	}

	return "Mind your own business"
}

func login(u pfug.User, password string) error {
	if !u.IsUsingThisPassword(password) {
		return errors.New("wrong password")
	}

	// login

	return nil
}

func main() {
	john := pfug.CreateUser("johndoe", "john.doe@example.com", "password123")
	jane := pfug.CreateUser("janedoe", "jane.doe@example.com", "asdfasdf")

	allGroups["mastersOfSecrets"], _ = allGroups["mastersOfSecrets"].AddMember(john)
	allGroups["mastersOfSecrets"], _ = allGroups["mastersOfSecrets"].AddPermission(accessToSecrets)
	allGroups["ordinaryPeople"], _ = allGroups["ordinaryPeople"].AddMember(john)

	fmt.Println(getSecret(john))       // "Epstein didn't kill himself"
	fmt.Println(getSecret(jane))       // "Mind your own business"
	fmt.Println(login(john, "123456")) // "wrong password"
}
```