{"id":25741434,"url":"https://github.com/yashsaini99/gpass","last_synced_at":"2026-06-11T06:31:31.069Z","repository":{"id":278890416,"uuid":"937089959","full_name":"YashSaini99/gpass","owner":"YashSaini99","description":"Graphical Password Authentication is a Go package that secures user login with image-based password patterns. It converts selected image indices into a string, hashes it with bcrypt, and stores it in MongoDB. It also features brute-force protection, email alerts, and secure password resets.","archived":false,"fork":false,"pushed_at":"2025-02-22T15:25:19.000Z","size":78,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-11-20T06:18:20.334Z","etag":null,"topics":["authentication","golang","graphical-password","graphical-password-authentication","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/YashSaini99.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-22T10:05:03.000Z","updated_at":"2025-02-22T15:22:00.000Z","dependencies_parsed_at":"2025-02-22T15:42:24.490Z","dependency_job_id":null,"html_url":"https://github.com/YashSaini99/gpass","commit_stats":null,"previous_names":["yashsaini99/graphical-password-authentication","yashsaini99/gpass"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/YashSaini99/gpass","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/YashSaini99%2Fgpass","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/YashSaini99%2Fgpass/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/YashSaini99%2Fgpass/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/YashSaini99%2Fgpass/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/YashSaini99","download_url":"https://codeload.github.com/YashSaini99/gpass/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/YashSaini99%2Fgpass/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34186385,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-11T02:00:06.485Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","golang","graphical-password","graphical-password-authentication","security"],"created_at":"2025-02-26T09:28:32.530Z","updated_at":"2026-06-11T06:31:31.043Z","avatar_url":"https://github.com/YashSaini99.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Graphical Password Authentication ![Go](https://img.shields.io/badge/Go-100%25-blue) ![MongoDB](https://img.shields.io/badge/MongoDB-Database-green) ![MIT License](https://img.shields.io/badge/License-MIT-yellow.svg)\r\n\r\nGraphical Password Authentication is a Go package that secures user login with image-based password patterns. It converts selected image indices into a string, hashes it with bcrypt, and stores it in MongoDB. It also features brute-force protection, email alerts, and secure password resets.\r\n\r\n## Features\r\n\r\n- 🔒 Secure user login with image-based password patterns\r\n- 🛡️ Brute-force protection\r\n- 📧 Email alerts for suspicious activities\r\n- 🔄 Secure password resets\r\n- 💾 Stores hashed passwords in MongoDB\r\n\r\n## Table of Contents\r\n\r\n- [Installation](#installation)\r\n- [Configuration](#configuration)\r\n- [Usage](#usage)\r\n  - [Basic Authentication](#basic-authentication)\r\n  - [Advanced Security Features](#advanced-security-features)\r\n  - [Email Validation](#email-validation)\r\n  - [Sending Emails](#sending-emails)\r\n- [API Reference](#api-reference)\r\n  - [Core Functions](#core-functions)\r\n  - [Advanced Security Functions](#advanced-security-functions)\r\n- [Testing](#testing)\r\n- [Contributing](#contributing)\r\n- [License](#license)\r\n\r\n## Installation\r\n\r\nTo install the package, use:\r\n\r\n```bash\r\ngo get github.com/YashSaini99/gpass\r\n```\r\n\r\n## Configuration\r\n\r\nCreate a `.env` file in the root of your project with the following keys:\r\n\r\n```ini\r\n# Database Configuration\r\nDB_URI=mongodb://localhost:27017/graphicalpasswordauth\r\n\r\n# SMTP Configuration (example using Mailtrap for testing)\r\nSMTP_USER=your_mailtrap_username@mailtrap.io\r\nSMTP_PASS=your_mailtrap_password\r\nSMTP_HOST=smtp.mailtrap.io\r\nSMTP_PORT=2525\r\n```\r\n\r\n- **DB_URI:** Connection string for your MongoDB instance.\r\n- **SMTP_USER, SMTP_PASS, SMTP_HOST, SMTP_PORT:** Credentials and server details for sending emails. You can use a service like Mailtrap for testing purposes.\r\n\r\n## Usage\r\n\r\n### Basic Authentication\r\n\r\n```go\r\nimport (\r\n    \"github.com/YashSaini99/gpass\"\r\n    \"time\"\r\n)\r\n\r\nfunc main() {\r\n    // Load environment variables\r\n    gpass.LoadEnv()\r\n\r\n    // Connect to the database\r\n    err := gpass.Connect(\"your_mongodb_connection_string\")\r\n    if err != nil {\r\n        // Handle error\r\n    }\r\n    defer gpass.Disconnect()\r\n\r\n    // Validate an email\r\n    if !gpass.IsValidEmail(\"user@example.com\") {\r\n        // Handle invalid email\r\n    }\r\n\r\n    // Register a new user\r\n    err = gpass.RegisterUser(\"username\", \"user@example.com\", []int{1, 3, 5, 7})\r\n    if err != nil {\r\n        // Handle error (e.g., duplicate username/email)\r\n    }\r\n\r\n    // Authenticate the user\r\n    ok, err := gpass.AuthenticateUser(\"username\", []int{1, 3, 5, 7})\r\n    if err != nil {\r\n        // Handle error\r\n    }\r\n    if ok {\r\n        // Successful login\r\n    }\r\n}\r\n```\r\n\r\n### Advanced Security Features\r\n\r\nFor added security, use the advanced functions that protect against brute-force attacks and support password resets.\r\n\r\n```go\r\n// Create a SecureAuthManager instance\r\nsecManager := gpass.NewSecureAuthManager(3, 10*time.Minute, 15*time.Minute)\r\n\r\n// Authenticate with protection (this will block the account on repeated failed attempts and send alert emails)\r\nok, err := secManager.AuthenticateWithProtection(\"username\", []int{1, 3, 5, 7}, \"user@example.com\")\r\nif err != nil {\r\n    // Handle authentication error (e.g., account blocked)\r\n}\r\nif ok {\r\n    // Successful login\r\n}\r\n\r\n// Initiate a password reset (generates a secure token and sends a reset email)\r\ntoken, err := secManager.InitiatePasswordReset(\"username\", \"user@example.com\")\r\nif err != nil {\r\n    // Handle password reset error\r\n}\r\n// Use the token for resetting the password, typically via a dedicated reset endpoint.\r\n```\r\n\r\n### Email Validation\r\n\r\n```go\r\n// Validate an email\r\nif gpass.IsValidEmail(\"user@example.com\") {\r\n    fmt.Println(\"Email is valid\")\r\n} else {\r\n    fmt.Println(\"Email is invalid\")\r\n}\r\n```\r\n\r\n### Sending Emails\r\n\r\n```go\r\n// Send an email\r\nerr := gpass.SendEmail(\"user@example.com\", \"Subject\", \"Email body\")\r\nif err != nil {\r\n    // Handle email sending error\r\n}\r\n```\r\n\r\n## API Reference\r\n\r\n### Core Functions:\r\n\r\n- **`LoadEnv() error`**  \r\n  Loads environment variables from a `.env` file.\r\n\r\n- **`Connect(uri string) error`**  \r\n  Connects to MongoDB using the provided URI.\r\n\r\n- **`Disconnect() error`**  \r\n  Disconnects from MongoDB.\r\n\r\n- **`RegisterUser(username, email string, graphicalPassword []int) error`**  \r\n  Registers a new user.\r\n\r\n- **`AuthenticateUser(username string, graphicalPassword []int) (bool, error)`**  \r\n  Authenticates a user with their graphical password.\r\n\r\n- **`IsValidEmail(email string) bool`**  \r\n  Validates an email address.\r\n\r\n- **`SendEmail(to, subject, body string) error`**  \r\n  Sends an email using the SMTP settings in your `.env` file.\r\n\r\n### Advanced Security Functions\r\n\r\n- **`NewSecureAuthManager(threshold int, blockDuration, tokenDuration time.Duration) *SecureAuthManager`**  \r\n  Creates a new instance of SecureAuthManager.\r\n\r\n- **`(m *SecureAuthManager) AuthenticateWithProtection(username string, graphicalPassword []int, userEmail string) (bool, error)`**  \r\n  Authenticates a user with brute-force protection.\r\n\r\n- **`(m *SecureAuthManager) InitiatePasswordReset(username, userEmail string) (string, error)`**  \r\n  Initiates a password reset, sending a reset email with a secure token.\r\n\r\n- **`(m *SecureAuthManager) ValidateResetToken(username, token string) bool`**  \r\n  Validates a password reset token.\r\n  \r\n\r\n## Testing\r\n\r\nTo run the tests for this package:\r\n\r\n```bash\r\ngo test ./tests\r\n```\r\n\r\nThis will execute unit tests for core functionalities such as hashing, email validation, and more.\r\n\r\n## Contributing\r\n\r\nContributions are welcome! If you have ideas for enhancements, bug fixes, or additional features, please open an issue or submit a pull request.\r\n\r\n## License\r\n\r\nThis project is licensed under the MIT License. See the [LICENSE](https://github.com/YashSaini99/gpass/blob/main/LICENSE) file for details.\r\n\r\n[![GitHub Stars](https://img.shields.io/github/stars/YashSaini99/gpass?style=social)](https://github.com/YashSaini99/gpass)\r\n[![GitHub Issues](https://img.shields.io/github/issues/YashSaini99/gpass?style=plastic)](https://github.com/YashSaini99/gpass/issues)\r\n[![GitHub Forks](https://img.shields.io/github/forks/YashSaini99/gpass?style=social)](https://github.com/YashSaini99/gpass)\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyashsaini99%2Fgpass","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyashsaini99%2Fgpass","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyashsaini99%2Fgpass/lists"}