#!/usr/bin/python
"""
Acts as auth program for the "external" authentication module
http://code.google.com/p/mod-auth-external/

It makes sure that the given user name exists at the system
(with a UID > 1000) and that the password corresponds to
the password that is provided by the AuthExternalContext
directive in the apache configuration.
"""
import os
import pwd
import sys

# Get provided username and password
username = os.environ.get('USER')
password = os.environ.get('PASS')
valid_password = os.environ.get('CONTEXT')


# We want to have a existing user ...
try:
	user_info = pwd.getpwnam(username)
except KeyError:
	# invalid user name
	sys.exit(1)

if user_info.pw_uid < 1000:
	# the system user has to have a UID above 1000
	sys.exit(1)


# ... and the password has to be as given above
if password != valid_password:
	sys.exit(1)


sys.exit(0)