#!/usr/bin/perl -w
use strict;
use warnings;
use CGI;
use CGI::Session;
use CGI::Session::Auth;
use CGI::FormBuilder;

my $q = CGI->new();
my $s = CGI::Session->new(undef,$q,{ Directory => '/tmp' });
my $auth = CGI::Session::Auth->new({ CGI => $q, Session => $s });
$auth->authenticate();

my $html;
if($auth->loggedIn){
  $html = showSecretPage($html);
} else {
  $html = showLoginPage();
}

print $s->header;
print $html;
print STDERR "Found end of script.\n";
1;

sub showSecretPage {
  my $html = shift;
  print STDERR "We are now logged in.\n";
  showNextForm($html);
}

sub showLoginPage {
  my $form = CGI::FormBuilder->new(
      name => 'LoginForm',
      method => 'post',
    );
  $form->field( name => 'userid', label => 'UserID' );
  $form->field( name => 'pw', label => 'PassWord', type => 'password' );

  my $html;
  if($form->submitted && $form->validate){
    $html = $form->confirm( header => 0 );
    $html .= showNextForm();
  } else {
    $html = $form->render( header => 0 );
  }
  return $html;
}

sub showNextForm {
  my $form = CGI::FormBuilder->new(
      name => 'NextForm',
      method => 'post',
    );
  $form->field( name => 'name', label => 'Name' );
  $form->field( name => 'age', label => 'Age' );

  my $html;
  if($form->submitted && $form->validate){
    $html .= $form->confirm( header => 0 );
  } else {
    $html .= $form->render( header => 0 );
  }
  return $html;
}