#!/usr/bin/env perl
#server.pl
use strict;
use warnings;

use Mojolicious::Lite;

plugin 'ClientIP';
plugin 'basic_auth_plus';

# sample data for authentication
my %accepted_IPs = ( '10.0.0.3' => 1 );
my %users        = ( usr1      => 'pwd1', usr2 => 'pwd2' );

# sample data to send back to client
my $text_a = 'Né più mai toccherò le sacre sponde';
my $text_b = 'ove il mio corpo fanciulletto giacque,';

# I expect all non specified routes to answer 404, right?

sub checkUserPW {
    my $self = shift;
    my ($href, $auth_ok) = $self->basic_auth(
        realm => sub { 
            if ( exists $users{$_[0]} and  $users{$_[0]} eq $_[1]){
                return 1;
            }
            return 0;
    });
}

sub checkIP {
    my $c = shift;
    my $remote_IP = $c->client_ip;
    if (exists $accepted_IPs{$remote_IP}) {
        return 1;
    }
    return 0;
}

sub checkCreds {
    my $c = shift;
    return 1 if ( checkIP($c) && checkUserPW($c) );
    return 0;
}

under sub {
    my $c = shift;
    return 1 if checkCreds($c);
    $c->render(status => 401, text => 'not ok');
    return undef;
};

get 'get_first' => sub {
    my $c = shift;
    return $c->render(text => $text_a);
};

get 'get_second' => sub {
    my $c = shift;
    return $c->render(text => $text_b);
};

app->start;