1 files changed, 12 insertions, 41 deletions

diff --git a/testauth.lua b/testauth.lua
index 67d703a..18d5673 100644
--- a/testauth.lua
+++ b/testauth.lua
@@ -1,52 +1,23 @@
 #!/usr/bin/lua
 
 --[[
-
-test authenticate
-
-* If user exist in acf db and passwd field is not 'x' then use this password.
-
-* If user exist in acf db and passwd field is 'x' then use password hash in
-  /etc/shadow.
-
-* If user does not exit in acf db, then authenticate against /etc/shadow
-  If success then create new user with no roles in acf db.
+add the following line to /etc/acf/passwd for adding user1 with pw test123:
+user1:$6$qGQrz2olBOsY9QrI$WFQbH3A7SyQ2cJiFQ7znkw9JxNeaiWsfCEBZU7/JtmR3X9jsDR8i8Q5ogSF5mWFU9f3M/np1wdcZttgkM.2UK1
 
 ]]--
 
-shadow = require("auth.shadow")
-acfdb = require("auth.acfpasswd")
-
-user = arg[1]
-entry, errmsg  = acfdb.getent(user)
+session = require("auth.session")
+pos = require("posix")
 
-authenticate = acfdb.authenticate
-if entry == nil then
-	print("Failed to read user '"..user.."' in "..acfdb.file)
-	if not shadow.getent(user) then
-		print("Faild to read user in "..shadow.file)
-		-- We could fallback to ldap, imaps or similar here
-		return 1
-	end
-	authenticate = shadow.authenticate
-elseif entry.passwd == "x" then
-	-- if passwd field is set to 'x' it means we use password in shadow
-	authenticate = shadow.authenticate
-end
-
-io.write("Enter password (WARNING: will echo): ")
-passwd = io.read("*line")
-
-if not authenticate(user, passwd) then
-	print("Authentication failed")
-	return 1
-end
+token, errmsg = session.new("user1", "test123")
 
-print("User "..user.." is authenticated")
-if entry == nil then
-	print("A new account should be created here")
-	-- passwd = confirm_password(passwd)
-	-- acfdb.setent(user, passwd, "New User", "NEWUSER")
+if token == nil then
+	print("ERROR:", errmsg)
+else
+	print("token:         ", token)
+	pos.sleep(2)
+	token = session.renew(token)
+	print("renenwed token:", token)
 end