WIP: remove "shared keys logic" and use logged user hash.

src/authd/client.cr

@@ -242,12 +242,8 @@ module AuthD
 			end
 		end
 
-		def delete(user : Int32 | String, key : String)
+		def delete(user : Int32 | String)
-			send_now Request::Delete.new user, key
+			send_now Request::Delete.new user
-			delete_
-		end
-		def delete(user : Int32 | String, login : String, pass : String)
-			send_now Request::Delete.new user, login, pass
 			delete_
 		end
 		def delete_

src/client.cr

@@ -80,6 +80,8 @@ class Actions
 		password = Actions.ask_password
 		exit 1 unless password
 
+		# TODO: login.
+
 		# By default: no phone, not admin.
 		pp! authd.add_user login, password.not_nil!, false, email, nil, profile: profile
 	rescue e : AuthD::Exception
@@ -120,6 +122,8 @@ class Actions
 		email = Context.email
 		phone = Context.phone
 
+		# TODO: login.
+
 		Baguette::Log.error "This function shouldn't be used for now."
 		Baguette::Log.error "It is way too cumbersome."
 
@@ -131,12 +135,10 @@ class Actions
 		args = Context.args.not_nil!
 		userid = args[0].to_i
 
-		# Check if the request comes from an admin or the user.
+		# Context.authd_login, Context.authd_pass
-		res = if Context.shared_key.nil?
+		# TODO: login.
-			authd.delete userid, Context.authd_login, Context.authd_pass
+
-		else
+		res = authd.delete userid
-			authd.delete userid, Context.shared_key
-		end
 
 		puts res
 	end
@@ -159,6 +161,7 @@ class Actions
 	def user_recovery
 		args = Context.args.not_nil!
 		login, email = args[0..1]
+		# TODO: login.
         pp! authd.ask_password_recovery login, email
 	end
 
@@ -167,6 +170,7 @@ class Actions
 		user, application, resource = args[0..2]
 		# pp! user, application, resource
 
+		# TODO: login.
 		res = @authd.check_permission user.to_i, application, resource
 		puts res
 	end
@@ -176,6 +180,7 @@ class Actions
 		user, application, resource, permission = args[0..3]
 		# pp! user, application, resource, permission
 
+		# TODO: login.
 		perm = AuthD::User::PermissionLevel.parse(permission)
 		res = @authd.set_permission user.to_i, application, resource, perm
 		puts res

src/requests/permissions.cr

@@ -1,42 +1,21 @@
 class AuthD::Request
 	IPC::JSON.message CheckPermission, 9 do
-		property shared_key : String? = nil
-		property token      : String? = nil
-
 		property user       : Int32 | String
 		property service    : String
 		property resource   : String
 
-		def initialize(@shared_key, @user, @service, @resource)
+		def initialize(@user, @service, @resource)
 		end
 
 		def handle(authd : AuthD::Service, fd : Int32)
-			authorized = false
+			# Get currently logged user.
-
+			logged_user = authd.get_logged_user? fd
-			if key = @shared_key
+			if logged_user.nil?
-				if key == authd.configuration.shared_key
+				return Response::Error.new "you must be logged"
-					authorized = true
-				else
-					return Response::Error.new "invalid key provided"
-				end
 			end
 
-			if token = @token
+			unless logged_user.admin
-				user = authd.get_user_from_token token
+				return Response::Error.new "unauthorized (not admin)"
-
-				if user.nil?
-					return Response::Error.new "token does not match user"
-				end
-
-				if user.login != @user && user.uid != @user
-					return Response::Error.new "token does not match user"
-				end
-
-				authorized = true
-			end
-
-			unless authorized
-				return Response::Error.new "unauthorized"
 			end
 
 			user = case u = @user