/*
 * Various user/login services.
 */

var UCKDebugTrace = 0;

var CookieHomePage = 'http://www.thelemistas.org/';
var CookieDomain = '.thelemistas.org';
var CookieName = 'thist_id';
var CookieData = get_cookie(CookieName);
var CookieUser = '';
var CookieDate = '';
var CookieKey  = '';
var CookiePerm = '';  // Actions the logged in user will permit
var CookieAuth = '';  // Rights the logged in user has

var LoginCkTimer;
var LoginLCTimer;
var DebugLogin = 0;
var DebugAlertObj = {className:'alphacube',width:400,okLabel:'OK'};

if (CookieData) {
  CookieDate = expiration_date( '+1h' );
  set_cookie(CookieName, CookieData, CookieDate, '/', CookieDomain);
  var d = CookieData.split(/\+/, 4);
  if (d) {
    CookieUser = d[0];
    CookieKey  = d[1];
    CookiePerm = d[2];
    CookieAuth = d[3];
  }
}

function check_login() {
  if (!CookieData) {
    if (UCKDebugTrace) alert('Getting cookie "' + CookieName + '"');
    CookieData = get_cookie(CookieName);
    if (!CookieData) {
      var here = location.href.split('members')[0];
      location.replace(here + 'members/login');
    }
  }
  else if (UCKDebugTrace) {
    alert(CookieName + '=[' + CookieData + ']');
  }
  return;
}

/*
 * This function checks the user's current authorizations for an input
 * tag.  If not present, the user is logged out and control transfers
 * to our main page.
 */
function check_user_auth(auth) {
  if (! (CookieAuth && CookieAuth.match(':'+auth+':'))) {
    // The user isn't authorized.  Log out, then leave.
    var expir = expiration_date( '0' );
    set_cookie(CookieName, CookieData, expir, '/', CookieDomain);
    location.replace(CookieHomePage);
  }
  return;
}

/*
 * Test to see if a user has an authorization. Return true if yes,
 * false if no.  (The actual 'true' return is a match array.)
 */
function user_has_auth(auth) {
  return (CookieAuth && CookieAuth.match(':'+auth+':'));
}

/*
 * Test to see if a user permits an action. Return true if yes,
 * false if no.  (The actual 'true' return is a match array.)
 */
function user_has_permit(perm) {
  return (CookiePerm && CookiePerm.match(':'+perm+':'));
}

/*
 * Receive a cookie name to set upon successful login, and a length
 * of time to keep the cookie.  Obtain user and password information
 * from document elements 'u' and 'p' respectively, and use them to
 * authenticate the user.  Once authentication passes, set the cookie
 * and return true.  If anything fails, return false.
 */
function check_credentials(relDir, cookie, how_long, u, p) {
  if (!u) {
    u = document.getElementById('u');
    if (!u || !u.value) {
      alert("You have not entered a user name.");
      return false;
    }
    u = u.value;
  }
  var user = u.toLowerCase();
  if (!p) {
    p = document.getElementById('p');
    if (!p || !p.value) {
      alert("You have not entered a password.");
      return false;
    }
    p = p.value;
  }
  var p_hash = hash_md5(p);

  // Confirm this user and password with the server.
  var url = relDir + '/Apps/check_login/' + user + '/' + p_hash;
  var r = fetch_response_csv(url, true);
  if (!r) {
    return false;
  }

  // Made it.  Set a cookie to keep the user logged in, then return true.
  CookiePerm = r[0];
  CookieAuth = (r[1]) ? r[1] + 'LG:' : ':LG:';
  var cdata = user + '+' + p_hash + '+' + CookiePerm + '+' + CookieAuth;
  var expir = expiration_date( how_long );
  set_cookie(cookie, cdata, expir, '/', CookieDomain);
  p.value = p_hash;
  cancel_login();
  return true;
}

function cancel_login() {
  var h = $__('login');
  h.style.visibility = 'hidden';
}

/*
 * Obtain the MD5 hash of a random string
 */
function hash_string(str) {
  if (str == null) str = '';
  return hash_md5(str);
}

function hash_form_value(me) {
  if (me) me.value = hash_md5(me.value);
  return;
}

/*
 * If the user is permitted to do action 'what', obtain a list of other
 * users who are also permitted to do that action.  Return that list as
 * an array whose elements are in pairs:
 *
 *   x[ n ] = user ID
 *   x[n+1] = user full name
 */
function userInteractList(relDir, what) {
  if (CookiePerm.indexOf(':'+what+':') < 0)
    return;
  var url = relDir + '/Apps/user_interact/' + what + '/-' + CookieUser;
  var r = fetch_response_csv(url);
  if (r) {
    var x = new Array(r.length * 2 / 3);
    var j = 0;
    var i = 0;
    while (i < r.length) {
      x[j++] = r[i++];  // User ID
      x[j++] = r[i++];  // User full name
      i++;  // Skip over other users' personal data
    }
    r = x;
  }

  return r;
}

/*
 * Wrapper around userInteractList(), specifically producing a select
 * list.  Return a string suitable for writing via document.write().
 * An empty string indicates that there was nothing suitable.
 */
function userInteractSelectList(relDir, what, label) {
  var sellist = '';
  var x = userInteractList(relDir, what);
  if (x) {
    sellist = '<select name="'+label+'" id="'+label+'">\n' +
              '<option value="..." select="selected">...</option>\n';
    var i = 0;
    while (i < x.length) {
      sellist = sellist + '<option value="'+x[++i]+'">'+x[i++]+'</option>\n';
    }
    sellist = sellist + '</select>';
  }
  return sellist;
}

function logIn() {
  var h = $__('login');
  h.style.visibility = 'visible';
}

function logOut() {
  Dialog.confirm('<p>Really log out?</p>',
       { className:'alphacube'
        ,zIndex:1001
        ,width:400
        ,okLabel:'yes'
        ,cancelLabel:'no'
        ,onOk:do_logout
       });
}

function do_login(win) {
  var usr = $__('lgi_user').value;
  var pwd = $__('lgi_pass').value;
  if (usr.length == 0) {
    $__('login_error_msg').innerHTML='Enter a user name.';
    return false;
  }

  if (pwd.length == 0) {
    $__('login_error_msg').innerHTML='Enter a password.';
    return false;
  }

  $__('login_error_msg').innerHTML='Wait...';
  var ok = check_credentials(RelDir, CookieName, '+1h', usr, pwd);
  if (!ok) {
    $__('login_error_msg').innerHTML='Login failed.';
    return false;
  }
  // If we are here, login was successful.
  location.reload(true);
  return true;
}

function refreshLogin() {
  if (LoginLCTimer) {
    clearTimeout(LoginLCTimer);
    LoginLCTimer = null;
  }
  CookieDate = expiration_date('+1h');
  set_cookie(CookieName, CookieData, CookieDate, '/', CookieDomain);
  if (DebugLogin >= 1) {
    if  ($__('debug-msg')) $__('debug-msg').innerHTML = dt;
    if (DebugLogin >= 2) Dialog.alert(dt + '\n' + document.cookie, DebugAlertObj);
  }
  return CookieDate;
}

function do_logout() {
  var expir = expiration_date( '0' );
  var url = RelDir;
  var data = (CookieData) ? CookieData : 'logout';
  set_cookie(CookieName, CookieData, expir, '/', CookieDomain);
  location.reload(true);
}

function do_refresh() {
  var dt = refreshLogin();
  setInterval('terminationCheck()', 5000);
  return true;
}

function terminationCheck() {
  if (!CookieDate) return false;
  var now = new Date();
  now = now.getTime();
  var expir = CookieDate.getTime();
  var diff = expir - now;
  if (diff >= 300000) return true;
  if (LoginCkTimer) {
    clearTimeout(LoginCkTimer);
    LoginCkTimer = null;
  }
  LoginLCTimer = setTimeout('do_logout()', 300000);
  if ((DebugLogin >= 1) && $__('debug-msg')) {
    $__('debug-msg').innerHTML = expiration_date('0');
  }
  Dialog.confirm('<p>Your login session will expire soon. Refresh it?</p>',
    {className:'alphacube',width:400,okLabel:'Yes',cancelLabel:'No',
     onOk:do_refresh,onCancel:do_logout});
  return true;
}

/*
 * Repeated timer to check login state. If [is logged in] has changed state
 * since the timer most recently fired, reload the current page. Stat has
 * changed if [there is a current cookie] does not match [CookieData is set].
 */
function trackLoginTimeout() {
  if (!LoginCkTimer) {
    LoginCkTimer = setInterval('trackLoginTimeout()', 5000);
  }
  if (get_cookie(CookieName)) {
    if (CookieData) {
      // Check whether the login has expired.
      terminationCheck();
	}
    else {
      // This user is no longer logged in.
      location.reload(true);
    }
  }
  else if (CookieData) {
    // This user is now logged in. Set the page up for a logged-in user.
    location.reload(true);
  }
}