Write your Authorization script/program to any language you prefer.
They must accept at least two arguments, provided from the Dancer2::Plugin::WebService

	username packed as hex string, to avoid shell attacks, produced e.g    echo -n joe      | xxd -ps
	password packed as hex string, to avoid shell attacks, produced e.g    echo -n somepass | xxd -ps
	e.g.

	SomeScript 6a6f65 736f6d6570617373

More arguments can be defined at the config.yml of your service e.g

	Command  : MODULE_INSTALL_DIR/AuthScripts/SomeScript
	Arguments: [ "a1", "a2", "a3" ]

As a result, the script must print at the standard output the two lines

    1st line : 0 if the login is succesfull or a message of the login failure description
    2rd line : a comma delimitted list of all the groups the user is member e.g.

	for successful login

		0
		joe,ftp,log,storage

	for failed login

		server is on maintenance
		-

The protected routes, at  config.yml  have  Protected : true
and a list of a required groups e.g.   Groups : [ group1 , group2 ... ]
if the authorization script do not return any of the required groups then the route will abort.

This is usefull because you can have role based control at your routes.
Every user with its token will be able to access only the routes are assigned to

For your tests, you can use any of the commands to convert between text and hex

text to hex

	echo -n joe | xxd -ps
	echo -n joe | od -A n -t x1 | sed 's/ //g'
	perl -E 'say unpack "H*", shift' joe

hex to text

	echo -n 6a6f65 | xxd -r -ps
	perl -E 'say pack "H*", shift' 6a6f65

If root privileges are needed, e.g. for the "native Linux" authentication Command,
set at the config.yml

	...
	Use sudo : true

Give  the user running the WebService superpowers through /etc/sudoers  e.g.

	# Allow wheel group to run any command
	vi /etc/sudoers
		...
		%wheel ALL=(ALL) NOPASSWD: ALL
		...

	# Make user member of the wheel group
	usermod -aG wheel dancer


George Bouras
