use strict; 
use warnings;

use lib "/usr/local/apache/virtual/itiv/modules";
use Mapps::Session;
use Mapps::Auth;

####################
# Get current session
# and check for expiry

my $sid;

# get session id from cookie
my $cookies = Apache::Cookie->fetch();
if ($cookies->{license_session}) {
    $sid =  $cookies->{license_session}->value();

    # load session from db
    my $s = Mapps::Session->new();
    $s->load_session($sid);

    # session is good continue
    if (defined $s){
        $m->call_next;
    # Else session is undefined
    }else{  
        denied();
    }
# Else cookie does not exist.
}else{
    denied();
}

# Delete cookie and
# redirect to login.
sub denied {
    # set cookie
    Apache::Cookie->new( $r,
        name => 'license_session',
        value => '',
        path => '/', 
    )->bake;
    my $url = $m->comp('/login.html', msg=>"Invalid session or cookie");
    print "$url\n\n";
}