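###########################
# use mapps;
#
# CREATE TABLE users (
#   auid int(10) unsigned NOT NULL auto_increment,
#   auname varchar(30) default NULL,
#   PRIMARY KEY (auid)
# ) TYPE=MyISAM;
#
# CREATE TABLE secrets (
#   auid int(10) unsigned NOT NULL auto_increment,
#   passwd char(40) NOT NULL default '',
#   salt int(11) NOT NULL default '0',
#   PRIMARY KEY (auid)
# ) TYPE=MyISAM DEFAULT;
##########################
# NOTE(review): the schema sketch above names the first table "users", but
# auth() queries "admin_users" -- confirm which name the database uses.

package Mapps::Auth;

use Exporter;
use Digest::SHA1;
use DBI;
use warnings;
use strict;
use vars qw($VERSION @ISA @EXPORT);

our $VERSION = 1.00;
our @ISA     = qw(Exporter);
our @EXPORT  = qw(&new &auth);

# Constructor: returns an empty hash blessed into the invoking class.
sub new {
    my $class = shift;
    my $self  = {};
    return bless $self, $class;
}

# auth($uname, $passwd)
#
# Looks up $uname in admin_users/secrets, hashes $passwd with the stored salt
# and compares the result with the stored digest.
#
# This is a plain (exported) function: the first argument is the user name,
# not an object.
#
# Returns a two-element list:
#   (1, $uid)  the password matches the stored digest
#   (0, $uid)  no match; $uid is still the matching row's auid when the user
#              exists (undef otherwise), so callers must test the first
#              element and never treat a defined $uid as proof of login.
#
# Dies if the database connection, prepare or execute fails.
sub auth {
    my $uname  = shift;
    my $passwd = shift;
    my ($dbsecret, $salt, $uid);

    # Missing credentials can never authenticate; reject before touching
    # the database.
    return (0, undef) unless defined $uname && defined $passwd;

    # SECURITY: database credentials are embedded in the source. The password
    # literal is a redacted placeholder; in deployment it should be read from
    # a protected configuration source rather than kept in the module.
    # q{} is used because the placeholder text contains an apostrophe, which
    # would terminate a single-quoted string early.
    my $dbh1 = DBI->connect('dbi:mysql:itiv', 'lwriter', q{**I can't tell you!})
        # On failure connect() returns undef, so the error text has to come
        # from $DBI::errstr; there is no handle to call ->errstr on.
        or die "Couldn't connect: " . $DBI::errstr;

    # get secret from db
    # The user name is bound through a placeholder. Interpolating it into the
    # SQL text would let a crafted name rewrite the WHERE clause (SQL
    # injection) and bypass or subvert the lookup.
    my $statement = "SELECT admin_users.auid, auname, passwd, salt "
                  . "FROM admin_users, secrets "
                  . "WHERE admin_users.auid=secrets.auid AND auname=?";
    my $sth = $dbh1->prepare($statement)
        or die "Couldn't prepare statement: " . $dbh1->errstr;
    $sth->execute($uname)
        or die "Couldn't execute statement: " . $dbh1->errstr;

    # If several rows share the same auname, the last one fetched wins.
    while (my $ref = $sth->fetchrow_hashref) {
        $dbsecret = $ref->{'passwd'};
        $salt     = $ref->{'salt'};
        $uid      = $ref->{'auid'};
    }

    # Release the statement and the connection; each call opens its own.
    $sth->finish;
    $dbh1->disconnect;

    # Unknown user: nothing to compare against.
    return (0, $uid) unless defined $dbsecret;

    # Hash the candidate password with the stored salt (this is a digest,
    # not encryption).
    # SECURITY: a single round of salted SHA-1 is fast to brute-force if the
    # secrets table leaks. Moving to a dedicated password-hashing scheme
    # (bcrypt, Argon2, PBKDF2) requires re-hashing stored values, so it is
    # flagged here rather than changed.
    my $secret = Digest::SHA1::sha1_hex($passwd . $salt);

    # Never log or die() with the password, salt or digests while debugging.

    # does generated secret match database secret?
    if ($secret eq $dbsecret) {
        return (1, $uid);
    }
    return (0, $uid);
}

1;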