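#! /usr/local/perl
package User;

use strict;
use warnings;

# User object shared by the Mason components below.
#   validate() checks a username/password pair against the `users` table.
#   guest()    builds the anonymous placeholder user.
# Objects are plain blessed hashes; callers read the fields directly
# (the login component reads {res} and {error_msg}).

# validate($dbh, $username, $passwd)
# Class method. Returns a User object whose {res} is 1 only when exactly one
# row matches the credentials; otherwise {res} stays undef and {error_msg}
# holds "Invalid Login". {logged_in} is not set here.
sub validate {
    my ( undef, $dbh, $username, $passwd ) = @_;

    my $self = {
        dbh      => $dbh,
        username => $username,
        passwd   => $passwd,

        # Bind values instead of interpolating them: the username and
        # password arrive straight from the request, so quoting them into
        # the statement text allowed SQL injection (and put the password
        # into the stored query string).
        qstr =>
            'select count(user_name) from users where user_name = ? and user_pass = ?',
        error_msg => "Invalid Login",
        res       => undef,
    };
    bless $self, __PACKAGE__;

    # NOTE(review): user_pass is compared with the submitted password as-is,
    # which suggests passwords are stored unhashed -- confirm, and prefer a
    # salted password hash that is verified in Perl rather than in SQL.
    my $q_stmt = $self->{dbh}->prepare( $self->{qstr} );
    $q_stmt->execute( $self->{username}, $self->{passwd} );
    my @data = $q_stmt->fetchrow_array();
    $q_stmt->finish();

    # $data[0], not the one-element slice @data[0]; guard against no row.
    if ( defined $data[0] && $data[0] == 1 ) {
        $self->{res} = 1;
    }

    return $self;
}

# guest($dbh)
# Class method. Returns the anonymous user: username "Guest", empty password,
# {logged_in} undef. The autohandler calls it without a handle, so {dbh} may
# be undef.
sub guest {
    my ( undef, $dbh ) = @_;

    my $self = {
        dbh       => $dbh,
        username  => "Guest",
        logged_in => undef,
        passwd    => "",
    };

    return bless $self, __PACKAGE__;
}

# Returns the object's {logged_in} field (undef for guests).
sub is_logged_in {
    my $self = shift;
    return $self->{logged_in};
}

1;

####

<%once>
# Connections are opened once per server process and shared through the
# Mason globals $AuthDBH / $RepDBH.
# NOTE(review): the database account and password are hard-coded in the
# component source; load them from configuration kept outside the component
# root and not under version control. The two password literals below are
# not identical (the first contains a space) -- confirm which one is right.
$AuthDBH = DBI->connect('dbi:mysql:authority:10.33.8.159', 'appadmin', 'f00tbal l') or die "poop sandwich";
$RepDBH = DBI->connect('dbi:mysql:reports:10.33.8.159', 'appadmin', 'f00tball') or die "poop sandwich";
use Auth::User;
use Digest::SHA1;
</%once>
<%init>
# Resolve the current user from the signed `user_login` cookie; any missing
# or mismatching piece falls back to the guest user.
my %cookies = Apache2::Cookie->fetch($r);
my $guest   = User->guest;
my $user;

if ( exists $cookies{user_login} ) {
    my %user_info = $cookies{user_login}->value;

    # The login component stores the id under `user_id`; the previous
    # `used_id` key never exists in the cookie, so every visitor stayed a
    # guest.
    if ( $user_info{user_id} && $user_info{MAC} ) {

        # NOTE(review): the tag is SHA-1 over the user id followed by a
        # secret embedded in the source. A standard HMAC (for example
        # Digest::SHA's hmac_sha256_hex) with a key kept out of the
        # component source is the usual construction. The tag also covers
        # nothing but the user id, so a captured cookie stays valid until
        # the secret changes.
        my $MAC = Digest::SHA1::sha1_hex( $user_info{user_id}, "Get the S1gnal!" );

        if ( $user_info{MAC} eq $MAC ) {

            # NOTE(review): User->new is not defined in the package shown
            # above; it has to be provided by Auth::User for this branch
            # to work.
            $user = User->new( $user_info{user_id} );
        }
    }
}

local $User = $user || $guest;
$m->call_next;
</%init>
<%flags>
inherit=>undef
</%flags>

####

<%init>
#Yes, I am sending a plain text password here... I'll digest it in SHA1 in the next step
# The password therefore crosses the network in the clear unless this
# component is only reachable over TLS.
my $res = User->validate( $AuthDBH, $ARGS{username}, $ARGS{password} );

my $url;
if ( length( $ARGS{ret_url} ) <= 1 ) {
    $url = "/index.html";
}

if ( $res->{res} ) {

    # Same construction as in the autohandler; the two must stay in sync.
    my $MAC = Digest::SHA1::sha1_hex( $ARGS{username}, "Get the S1gnal!" );

    # NOTE(review): the cookie is the whole session credential; when the
    # site is served over HTTPS, also set -secure so it is never sent over
    # plain HTTP.
    Apache2::Cookie->new(
        $r,
        -name    => 'user_login',
        -value   => { user_id => $ARGS{username}, MAC => $MAC },
        -path    => '/',
        -domain  => 'ruth.dobson.net',
        -expires => '+1M',
    )->bake($r);
}
else {
    if ( index( $ARGS{ret_url}, '?' ) >= 0 ) {
        $url .= "&login_error=$res->{error_msg}";
    }
    else {
        $url .= "?login_error=$res->{error_msg}";
    }
}

# NOTE(review): this assignment overrides everything computed above, so the
# redirect always goes to /test.html and ret_url is never used. If ret_url
# is wired in later, accept only same-site relative paths (to avoid an open
# redirect) and URL-escape the login_error value.
$url = "/test.html";
$m->redirect($url);
</%init>
<%flags>
inherit=> '/syshandler'
</%flags>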