login

<     >

2023-07-21 12:20:35 (UTC-03:00)

Marcel Rodrigues <marcelgmr@gmail.com>

use .login file to store password

diff --git a/cogit/hash.lua b/cogit/hash.lua
index b02b74a..7870289 100644
--- a/cogit/hash.lua
+++ b/cogit/hash.lua
@@ -1,11 +1,11 @@
 local lud = require "ludweb"
 
 local function get_pass(prompt)
-    io.write(prompt)
+    io.stderr:write(prompt)
     os.execute("stty -echo")
     local pass = io.read()
     os.execute("stty echo")
-    io.write("\n")
+    io.stderr:write("\n")
     return pass
 end
 
@@ -17,7 +17,7 @@ local function hash_pass(pass, salt)
     return lud.crypt.pbkdf2(pass, salt, 10000, 64)
 end
 
-if arg[0] ~= "hash.lua" then
+if not arg[0]:match("hash.lua$") then
     return {get_pass=get_pass, get_salt=get_salt, hash_pass=hash_pass}
 end
 
@@ -34,5 +34,4 @@ local hash = hash_pass(pass, salt)
 local salt_b64 = lud.crypt.b64_enc(salt)
 local hash_b64 = lud.crypt.b64_enc(hash)
 
-print("salt: " .. salt_b64)
-print("hash: " .. hash_b64)
+print(salt_b64..":"..hash_b64)

diff --git a/main.lua b/main.lua
index a759a95..3e8aeb1 100644
--- a/main.lua
+++ b/main.lua
@@ -5,11 +5,31 @@ local hash = require "cogit.hash"
 
 local app = cogit.new_cogit(unpack(arg))
 
-local pass = hash.get_pass("admin password: ")
-local salt = hash.get_salt()
-local hash = hash.hash_pass(pass, salt)
-salt = lud.crypt.b64_enc(salt)
-hash = lud.crypt.b64_enc(hash)
-app:set_password(salt, hash)
+local auth_path = arg[1].."/.login"
+local auth_file = io.open(auth_path)
+local s, h
+if auth_file ~= nil then
+    app:log(2, "reading login info from "..auth_path)
+    local auth = auth_file:read()
+    s, h = auth:match("([%a%d+/=]+):([%a%d+/=]+)")
+else
+    local pass = hash.get_pass("admin password: ")
+    s = hash.get_salt()
+    h = hash.hash_pass(pass, s)
+    s = lud.crypt.b64_enc(s)
+    h = lud.crypt.b64_enc(h)
+    io.stderr:write("save login info? Y/[n]: ")
+    if io.read() == "Y" then
+        auth_file = io.open(auth_path, "w")
+        if auth_file ~= nil then
+            app:log(2, "writing login info to "..auth_path)
+            auth_file:write(s..":"..h.."\n")
+            auth_file:close()
+        else
+            app:log(1, "could not write login info to "..auth_path)
+        end
+    end
+end
+app:set_password(s, h)
 
 app:run()