diff --git a/inc/auth.php b/inc/auth.php
index b72d5d1..bc2e978 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -13,28 +13,19 @@
  * @version 1.0
  */
 
-
+// sha256 hashs (TODO: move in conf file)
+$logins=array();
+$logins['foo'] = 'd5d3c723fb82cb0078f399888af78204234535ec2ef3da56710fdd51f90d2477';
+$logins['bar'] = '7938c84d6e43d1659612a7ea7c1101ed02e52751bb64597a8c20ebaba8ba4303';
 
 if ((empty($_GET['form']) || $_GET['form']!=1) && !empty($_POST)) {
-  $login=0;
   $username=$_POST['login'];
   $password=$_POST['passw'];
 
-
-  $login = pam_auth($username, $password);
- 
-  if ($login==1) {
+  if (hash("sha256",$password) == $logins[$username]) {
     $_SESSION['auth']=1;
     $_SESSION['user']=$username;
     $_SESSION['error']='';
-
-    $user = posix_getpwnam($username);
-    // On nettoie le nom complet
-    $gecos = explode(',',$user['gecos']);
-    $user['gecos'] = $gecos[0];
-    $_SESSION['user_id'] = $user['uid'];
-    $_SESSION['user_gid'] = $user['gid'];
-    $_SESSION['user_name'] = $user['gecos'];
   } else {
     $_SESSION['auth']=0;
     $_SESSION['user']='';