Diffstat (limited to 'README.md')
-rw-r--r-- README.md 74
1 files changed, 27 insertions, 47 deletions
diff --git a/README.md b/README.md
index 08ce4e4..826c929 100644
--- a/README.md
+++ b/README.md
@@ -1,60 +1,40 @@
-# apache-auth-xmppmessage
+# auth-xmppessage
-Authenticate users using tokens sent via xmpp.
+### Compile
-This script is almost stateless, there is no database required.
-To protect against DoS it uses a lockfile, this way allowing only on
-instance at a time.
+It's written in rust, compile it with `cargo build`.
-## Install requirements
+### Run
- # pip
- pip3 install --user -r sleekxmpp==1.3.1
+```
+Usage: ./target/debug/auth_xmppmessage [options]
- # FreeBSD:
- pkg install py34-sleekxmpp
- pkg install ap24-mod_authnz_external24
+Options:
+ -j, --jid JID bot jid
+ -p, --password PASSWORD
+ bot password
+ -s, --secret SECRET server secret for token generation
+ -t, --time HOURS Validity of the token in hours (default 48)
+ -o, --port PORT TCP Port to listen on
+ -d, --debug Use loglevel Debug instead of Warn
+ -n, --nosend Don't send XMPP message, just print debug infos
+ -h, --help print this help menu
+```
+### Nginx configuration
-## Configuration
-
- DefineExternalAuth xmpp-login pipe /usr/local/etc/apache24/login.py
- <Location /foo>
- AuthType Basic
- AuthName "Login with Jabber ID and empty password to request a token"
- AuthBasicProvider external
- AuthExternalContext "validsec=7200;secret=adsasd;users=user1@jabber.org,user2@jabber.org;jid=bot@jabber.org;jid_pw=secret-xmpp-pw"
- AuthExternal xmpp-login
- Require valid-user
- </Location>
-
-### Options
-
-- validsec: timespan in which a token is valid.
- There are always 2 valid tokens, the current and the previous.
- The current is `token(now % validsec)`. The previous is `token(now % validsec - validsec)`.
- A token valid-range is determined by `% validsec` and NOT by the time the token was requested.
-- secret: random secret data. Used as a salt for the token.
-- users: comma separated list of JIDs that are allowed to receive tokens.
- Tokens are user-specific. User `A` cannot use the token from user `B`.
-- jid: JID of the bot who sends the tokens to the users.
-- jid\_pw: password of the bot.
-
-
-
-# nginx
-
-## configuration
-
- location /grafana {
- auth_request /_auth;
- # ...
- }
-
+```
location = /_auth {
- proxy_pass http://localhost:8081/;
+ proxy_pass http://127.0.0.1:8081/; # --port PORT
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI "$scheme://$host$request_uri";
+ proxy_set_header X-Allowed-Jid "JID1,JID2";
}
+ location /app {
+ satisfy any;
+ auth_request /_auth;
+ deny all;
+ }
+```
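Review bot: The new usage block takes the bot password and the token secret only as command-line options (`-p, --password PASSWORD`, `-s, --secret SECRET`), so both end up in the process list and shell history on the host; the README should say so or document a safer way to supply them. The options list has `--port` but no bind address, while the nginx example proxies to `127.0.0.1:8081` and passes the allowed JIDs in `X-Allowed-Jid`: state which address the service listens on, since a client that reaches the port directly could supply its own header. The removed Options section explained how token validity windows work and that tokens are user-specific; `-t, --time HOURS` alone no longer tells the reader whether validity is counted from the request or from fixed windows, so a sentence on that is worth keeping. The new title `auth-xmppessage` looks like a typo for `auth-xmppmessage`, given the binary name `auth_xmppmessage` in the usage line.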