#!/usr/bin/perl -w

use strict;
use warnings;
use CGI;
use CGI::Auth::Hybrid;
use URI;

my $dump = "$ENV{'CAHTEST_HOME'}/dump";

my $verifier = CGI::Auth::Hybrid->new_verifier(
   assocdb_path => "$dump/assoc.db",
   username_password_ok => sub { my ($c,$r,$u,$p)=@_; return $p eq 'sesame'; },
);

END { $verifier->disconnect() if $verifier; }

my $q = CGI->new;

my $authreq = $verifier->new_request($q);

$authreq->check_ok() or exit;

my $cookie = $authreq->secret_cookie();
my $url = $q->url();
my $hiddenhtml = $authreq->secret_hidden_html();

print <<END;
Content-Type: text/html
Set-Cookie: $cookie

<html><head><title>TITLE</title></head>
<body><h1>H1</h1>
<h1>again</h1>

<form method="POST" action="$url">
$hiddenhtml
END