# $Id$

provide auth ssl

PASSWD="/etc/mcoredpasswd"

md5crypt()
{
	local pass="$1"
	md5sum << EOF | sed 's:\(.*\)\ \ .*-.*:\1:'
${pass}
EOF
}

mcorepasswd()
{
	local user="$1"
	local pass
	local validate

	if [[ -z ${user} ]]
	then
		echo "No username given! Aborting."
		return 1
	fi

	# get pass
	echo -n "Enter Password: "
	stty -echo
	read pass
	stty echo
	echo

	echo -n "Retype Password: "
	stty -echo
	read validate
	stty echo
	echo

	if [[ ${pass} == ${validate} ]]
	then
		# encrypt and save
		echo "${user}:$(md5crypt ${pass})" > ${PASSWD}
		echo "Password for user '${user}' changed by $(id -u -n)."
	else
		echo "Passwords don't match!"
		echo "Password for user '${user}' is unchanged."
		return 1
	fi

}

## validate_auth $user $pass
#validate_auth()
#{
#	local user="$1"
#	local pass="$2"
#	local dbuser
#
#	# return 0 if ${valid_auth=yes} - user alread authenticated
#	validate_session && return 0
#
#	if [[ ${DEBUG} = 1 ]]
#	then
#		echo "user=${user}" >> /root/lala.log
#		echo "pass=${pass}" >> /root/lala.log
#		echo "mysqldo \"select user from control_auth where pass=MD5('${pass}')\"" >> /root/lala.log
#		echo $(mysqldo "select user from control_auth where pass=MD5('${pass}')") >> /root/lala.log
#	fi
#
#	dbuser=$(mysqldo "select user from control_auth where pass=MD5('${pass}')")
#	if [[ ! -z ${dbuser} ]]
#	then
#		# check if the returned username is equal the given one
#		if [[ ${dbuser} = ${user} ]]
#		then
#			# register a valid session
#			echo "auth valid"
#			export valid_session=yes
#			return 0
#		fi
#	fi
#
#	# if we get here, the auth is invalid
#	echo "auth invalid"
#	export valid_session=no
#	return 1
#}


validate_auth()
{
	local user="$1"
	local pass="$2"

	local passwduser
	local passwdpass

	# return 0 if ${valid_auth=yes} - user alread authenticated
	validate_session && return 0

	if [[ ! -f ${PASSWD} ]]
	then
		echo "passwd '${PASSWD}' does not exist!"
		return 1
	fi

	passwduser=$(grep "^${user}:" ${PASSWD} | cut -d: -f1)
	passwdpass=$(grep "^${user}:" ${PASSWD} | cut -d: -f2)

	if [[ -n ${passwduser} ]]
	then
		if [[ $(md5crypt ${pass}) == ${passwdpass} ]]
		then
			echo "password for user '${user}' is valid!"
			mecho "Successfully logged in. Type 'help' for more information."
			export valid_session="yes"
			return 0
		else
			echo "password for user '${user}' is invalid!"
			export valid_session="no"
			return 1
		fi
	else
		echo "User '${user}' unkown."
		export valid_session="no"
		return 1
	fi
}

validate_session()
{
	if [[ ${valid_session} = yes ]]
	then
		return 0
	else
		return 1
	fi
}

invalid_session()
{
	if [[ ${valid_session} != yes ]]
	then
		echo "not logged in..."
		# export quit signal
		export run=quit
	fi
}