package SL::Controller::LoginScreen;

use strict;

use parent qw(SL::Controller::Base);

use SL::Dispatcher::AuthHandler::User;
use SL::User;

#
# actions
#

sub action_user_login {
  my ($self) = @_;

  # If the user is already logged in then redirect to the proper menu
  # script.
  return if $self->_redirect_to_main_script_if_already_logged_in;

  # Otherwise show the login form.
  $self->render('login_screen/user_login');
}

sub action_logout {
  my ($self) = @_;

  $::auth->destroy_session;
  $::auth->create_or_refresh_session;
  $self->render('login_screen/user_login', error => $::locale->text('You are logged out!'));
}

sub action_login {
  my ($self) = @_;

  %::myconfig      = $::form->{'{AUTH}login'} ? $::auth->read_user(login => $::form->{'{AUTH}login'}) : ();
  %::myconfig      = SL::Dispatcher::AuthHandler::User->new->handle(countrycode => $::myconfig{countrycode});
  $::form->{login} = $::myconfig{login};
  $::locale        = Locale->new($::myconfig{countrycode}) if $::myconfig{countrycode};
  my $user         = User->new(login => $::myconfig{login});

  # if we get an error back, bale out
  my $result = $user->login($::form);

  # Database update available?
  ::end_of_request() if -2 == $result;

  # Auth DB needs update? If so log the user out forcefully.
  if (-3 == $result) {
    $::auth->destroy_session;
    return $self->render('login_screen/auth_db_needs_update');
  }

  # Other login errors.
  if (0 > $result) {
    $::auth->punish_wrong_login;
    return $self->render('login_screen/user_login', error => $::locale->text('Incorrect username or password!'));
  }

  # Everything is fine.
  $::auth->set_cookie_environment_variable();

  $self->_redirect_to_main_script($user);
}

#
# settings
#
sub get_auth_level {
  return 'none';
}

sub keep_auth_vars_in_form {
  return 1;
}

#
# private methods
#

sub _redirect_to_main_script {
  my ($self, $user) = @_;

  return $self->redirect_to($::form->{callback}) if $::form->{callback};

  my %style_to_script_map = (
    v3  => 'v3',
    neu => 'new',
    v4  => 'v4',
  );

  my $menu_script = $style_to_script_map{$user->{menustyle}} || '';

  $self->redirect_to(controller => "menu${menu_script}.pl", action => 'display');
}

sub _redirect_to_main_script_if_already_logged_in {
  my ($self) = @_;

  # Get 'login' from valid session.
  my $login = $::auth->get_session_value('login');
  return unless $login;

  # See whether or not the user exists in the database.
  my %user = $::auth->read_user(login => $login);
  return if ($user{login} || '') ne $login;

  # Check if the session is logged in correctly.
  return if SL::Auth::OK() != $::auth->authenticate($login, undef);

  $::auth->create_or_refresh_session;
  $::auth->delete_session_value('FLASH');

  $self->_redirect_to_main_script(\%user);

  return 1;
}

1;