summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2013-01-01 17:00:58 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2013-01-01 17:00:58 +0100
commite0cabd6295204fe8a6b54edfc9141302943fdbfb (patch)
tree97ab9341e10113376fc821200f61a2b44df039f1
parent44b34b0c0a91a1ca7bb97b64da19321dd1e05a81 (diff)
downloadprivsep-e0cabd6295204fe8a6b54edfc9141302943fdbfb.tar.bz2
privsep-e0cabd6295204fe8a6b54edfc9141302943fdbfb.tar.xz
testauth: use the auth.session module
-rw-r--r--testauth.lua53
1 files changed, 12 insertions, 41 deletions
diff --git a/testauth.lua b/testauth.lua
index 67d703a..18d5673 100644
--- a/testauth.lua
+++ b/testauth.lua
@@ -1,52 +1,23 @@
#!/usr/bin/lua
--[[
-
-test authenticate
-
-* If user exist in acf db and passwd field is not 'x' then use this password.
-
-* If user exist in acf db and passwd field is 'x' then use password hash in
- /etc/shadow.
-
-* If user does not exit in acf db, then authenticate against /etc/shadow
- If success then create new user with no roles in acf db.
+add the following line to /etc/acf/passwd for adding user1 with pw test123:
+user1:$6$qGQrz2olBOsY9QrI$WFQbH3A7SyQ2cJiFQ7znkw9JxNeaiWsfCEBZU7/JtmR3X9jsDR8i8Q5ogSF5mWFU9f3M/np1wdcZttgkM.2UK1
]]--
-shadow = require("auth.shadow")
-acfdb = require("auth.acfpasswd")
-
-user = arg[1]
-entry, errmsg = acfdb.getent(user)
+session = require("auth.session")
+pos = require("posix")
-authenticate = acfdb.authenticate
-if entry == nil then
- print("Failed to read user '"..user.."' in "..acfdb.file)
- if not shadow.getent(user) then
- print("Faild to read user in "..shadow.file)
- -- We could fallback to ldap, imaps or similar here
- return 1
- end
- authenticate = shadow.authenticate
-elseif entry.passwd == "x" then
- -- if passwd field is set to 'x' it means we use password in shadow
- authenticate = shadow.authenticate
-end
-
-io.write("Enter password (WARNING: will echo): ")
-passwd = io.read("*line")
-
-if not authenticate(user, passwd) then
- print("Authentication failed")
- return 1
-end
+token, errmsg = session.new("user1", "test123")
-print("User "..user.." is authenticated")
-if entry == nil then
- print("A new account should be created here")
- -- passwd = confirm_password(passwd)
- -- acfdb.setent(user, passwd, "New User", "NEWUSER")
+if token == nil then
+ print("ERROR:", errmsg)
+else
+ print("token: ", token)
+ pos.sleep(2)
+ token = session.renew(token)
+ print("renenwed token:", token)
end