author | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-01 17:00:58 +0100 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-01 17:00:58 +0100 |
commit | e0cabd6295204fe8a6b54edfc9141302943fdbfb (patch) | |
tree | 97ab9341e10113376fc821200f61a2b44df039f1 /testauth.lua | |
parent | 44b34b0c0a91a1ca7bb97b64da19321dd1e05a81 (diff) | |
testauth: use the auth.session module
Diffstat (limited to 'testauth.lua')
-rw-r--r-- | testauth.lua | 53 |
1 files changed, 12 insertions, 41 deletions
diff --git a/testauth.lua b/testauth.lua
index 67d703a..18d5673 100644
--- a/testauth.lua
+++ b/testauth.lua
@@ -1,52 +1,23 @@
 #!/usr/bin/lua
 --[[
-
-test authenticate
-
-* If user exist in acf db and passwd field is not 'x' then use this password.
-
-* If user exist in acf db and passwd field is 'x' then use password hash in
- /etc/shadow.
-
-* If user does not exit in acf db, then authenticate against /etc/shadow
- If success then create new user with no roles in acf db.
+add the following line to /etc/acf/passwd for adding user1 with pw test123:
+user1:$6$qGQrz2olBOsY9QrI$WFQbH3A7SyQ2cJiFQ7znkw9JxNeaiWsfCEBZU7/JtmR3X9jsDR8i8Q5ogSF5mWFU9f3M/np1wdcZttgkM.2UK1
 ]]--
-shadow = require("auth.shadow")
-acfdb = require("auth.acfpasswd")
-
-user = arg[1]
-entry, errmsg = acfdb.getent(user)
+session = require("auth.session")
+pos = require("posix")
-authenticate = acfdb.authenticate
-if entry == nil then
- print("Failed to read user '"..user.."' in "..acfdb.file)
- if not shadow.getent(user) then
- print("Faild to read user in "..shadow.file)
- -- We could fallback to ldap, imaps or similar here
- return 1
- end
- authenticate = shadow.authenticate
-elseif entry.passwd == "x" then
- -- if passwd field is set to 'x' it means we use password in shadow
- authenticate = shadow.authenticate
-end
-
-io.write("Enter password (WARNING: will echo): ")
-passwd = io.read("*line")
-
-if not authenticate(user, passwd) then
- print("Authentication failed")
- return 1
-end
+token, errmsg = session.new("user1", "test123")
-print("User "..user.." is authenticated")
-if entry == nil then
- print("A new account should be created here")
- -- passwd = confirm_password(passwd)
- -- acfdb.setent(user, passwd, "New User", "NEWUSER")
+if token == nil then
+ print("ERROR:", errmsg)
+else
+ print("token: ", token)
+ pos.sleep(2)
+ token = session.renew(token)
+ print("renenwed token:", token)
 end
|
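Review bot: The header comment and the `session.new("user1", "test123")` call hard-code a credential pair whose crypt hash is now published in the repository, so any host where that line is left in /etc/acf/passwd has an account with a publicly known password. I would mark the comment as a throwaway-fixture step (`-- test fixture only: remove the user1 entry from /etc/acf/passwd afterwards`) and keep the removed script's `user = arg[1]` and `io.read("*line")` prompt so the test can run against any account: `token, errmsg = session.new(user, passwd)`. Separately, `token = session.renew(token)` discards any error, so a failed renewal prints `renenwed token: nil` (note the typo) and reads like success. If renew follows the same nil-plus-message convention as `session.new`, which this hunk does not show, capture and check it the same way.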