#!/bin/bash

if [ "$#" -ne 1 ] ; then
    echo "bad syntax"
    exit 1
fi

# odczytujemy uzytkownika i hasło z przekazanego jako parametr pliku tymaczasowego
readarray -t lines < $1
providedUsername=${lines[0]}
providedPassword=${lines[1]}

LOGFILE='/etc/openvpn/server/logs/mfa.log'


egrep -q "^`date +%d`;" schluesselTafel.csv || exit 1

DAY=`date +%d`

Walzen=`egrep "^$DAY;" /etc/openvpn/server/schluesselTafel.csv |awk -F';' '{print $2}'`
Ringst=`egrep "^$DAY;" /etc/openvpn/server/schluesselTafel.csv |awk -F';' '{print "01 "$3}'`
Grundst=`egrep "^$DAY;" /etc/openvpn/server/schluesselTafel.csv |awk -F';' '{print $5}' |awk '{print "A" $3}' | tr [:lower:] [:upper:]`
Stecker=` egrep "^$DAY;" /etc/openvpn/server/schluesselTafel.csv |awk -F';' '{print $4}'`
ClearTextPass=`egrep "^$DAY;" /etc/openvpn/server/schluesselTafel.csv |awk -F';' '{print $5}' |awk -F' ' '{print $1$2}'| tr [:lower:] [:upper:] | tr -d ' '`


Encrypted=`echo "$ClearTextPass" | /usr/local/aenig4/bin/aenig4 -k "B beta $Walzen $Ringst $Grundst $Stecker" --filter`

###echo "ClearTextPass: $ClearTextPass => $Encrypted"

if [ $providedPassword == $Encrypted ] ; then
    echo "`date +%d-%m-%Y__%H:%M` => $providedUsername MFA authorization OK!" >> $LOGFILE
    exit 0
fi



echo "`date +%d-%m-%Y__%H:%M` => $providedUsername MFA authorization FAILED" >> $LOGFILE
exit 1