<?php

/*
OneLobby
Copyright (C) 2007 Peter Goodman, Geoffrey Goodman

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/


/**
 * This whole section should be re-written to
 * use WT login method.
 */

define('TIME_NOW', time());

define('COOKIE_NAME', 'OLCookie007');
define('COOKIE_DURANCE', time() + 2592000); # 30 days

define('LOGIN_DISABLE', 0);
define('LOGIN_ATTEMPT_LIMIT', 5); # count
define('LOGIN_THROTTLE_DURANCE', 1); # minutes

define('REDIRECT_TIME', 3); # seconds

class LoginController extends k4PageController {
	
	function getPreFilters() {
		return array('request', 'session', 'user', 'debug_pre', 'template');
	}
	
	function getPostFilters() {
		return array('user_post', 'debug_post', 'history_post');
	}
	
	function index(&$reg, &$req, &$resp) {
		
		$reg->set('controller', $controller = 'LoginController');
		
		$user = &$reg->get('user');
		
		# For logged in users execute the logout function.
		if($user->isMember())
			$this->logout($reg, $req, $resp);
		
		# Check if the login has been disabled in the ACP.
		$this->_disabled($reg, $req, $resp);
		
		# Check the login throttle.
		$this->_throttle($reg, $req, $resp);
		
		# Execute the automatic login if it is requested by the cookie.
		$this->_load($reg, $req, $resp);
		
		# Writing the may existing login name into the login form.
		if($req->get('login_name'))
			$resp->assign('login_name', $req->get('login_name'));
		
		# Assigning the template files.
		$resp->assign('content', 'login_form.html');
		
		# Assigning the global template variables.
		$this->setPage("Login");
		$this->setLayout('forum_base.html');
	}
	
	function authenticate(&$reg, &$req, &$resp) {
		
		$reg->set('controller', $controller = 'LoginController');
		
		$user = &$reg->get('user');
		$info = &new InformationDisplay($reg, $req, $resp);
		
		# For logged in users execute the logout function. (For security reasons.)
		if($user->isMember())
			$this->redirect('/login/');
		
		# TODO: Checking the referer and if it's /login/
		#		then the user is allowed to access this method.
		
		# Check if the login has been disabled in the ACP.
		$this->_disabled($reg, $req, $resp);
		
		# check the login throttle
		$this->_throttle($reg, $req, $resp);
		
		# check the login information
		if ($req->get('login_name') == '' || $req->get('login_pass') == '') {
			$info->text('You must supply your username and the password.', '/login/', REDIRECT_TIME);
		}
		
		# get the specified user
		$finder = &$this->getFinder('users');
		$member = &$finder->findBy('name', $req->get('login_name'));
		
		# no such user found
		if ($member == NULL) {
			/*
			$guest = &$finder->find(K4_GUEST_ID);
			
			# no guest record in the database
			if ($guest == NULL) {
				$this->informationPage('The users table has been corrupted, please contact an administrator.');
			}
			*/	
			# redirect to the login
			$info->text('Either the username or the password was invalid.', '/login/', REDIRECT_TIME);

		# user was found
		} else {
			# Check if the account was locked.
			if((int)$member->get('lock') == 1) {
				$info->display('accountLocked');
			}
			
			$req->registerFilter('login_pass', new FALambdaFilter('k4_hash'));
			
			# password was incorrect
			if($req->get('login_pass') != $member->get('pass')) {
				# Handle the login throttle.
				$this->_attempt($reg, $req, $resp);
				
				# Redirect to the login.
				$info->text('Either the username or the password has been invalid.', '/login/', REDIRECT_TIME);
				
			# If the password was correct.
			} else {
				
				session_regenerate_id();
				
				# Get the session.
				$session = &$reg->get('session');
				
				$session->set('k4_user_id', $member->getId());
				
				$reg->set('user', $member);
				
				# Reset the login attempt count to zero.
				unset($_SESSION['login_attempts']);
				unset($_SESSION['login_throttle']);
				
				# Process the automatic login.
				$this->_save($reg, $req, $resp);
				
				$this->redirect($this->popReferer());
			}
		}
	}
	
	function logout(&$reg, &$req, &$resp) {
		
		$reg->set('controller', $controller = 'LoginController');
		
		$user = &$reg->get('user');
		
		# Checking if the user is logged in to logout. (LOL!)
		if(!$user->isMember()) {
			$info = &new InformationDisplay($reg, $req, $resp);
			$info->display('loginRequired');
		}
		
		$this->_delete($reg, $req, $resp);
		
		# Deleting the member session.
		$session = &$reg->get('session');
		$session->clear();
		
		$this->redirect($this->popReferer());
	}
	
	
	function _attempt(&$reg, &$req, &$resp) {
		$session = &$reg->get('session');
		
		$one = 1;
		# Increase the login attempt count. (Session)
		if($session->get('login_attempts') === NULL) {
			$session->set('login_attempts', $one);
		
		} else {
			$new = $session->get('login_attempts') + $one;
			$session->set('login_attempts', $new);
			
			# Set the login throttle if the login attempt limit is reached. (Session)
			if($session->get('login_attempts') >= LOGIN_ATTEMPT_LIMIT) {
				$session->set('login_throttle', $now = TIME_NOW);
			}
		}
	}
	
	function _delete(&$reg, &$req, &$resp) {
		$user = &$reg->get('user');
		
		# Checking if the cookie exists.
		if(isset($_COOKIE[COOKIE_NAME])) {
			$cookie = $_COOKIE[COOKIE_NAME];
		}
		
		if($user->getId() != K4_GUEST_ID)
		{
			# Deleting the cookie and the database entry.
			$finder = &$this->getFinder('users');
			$member = &$finder->find($user->getId());
		
			$member->set('login_key', NULL);
		
			if ($member->save()) {
				if(isset($cookie['login_key']))
					setcookie(COOKIE_NAME . '[login_key]', "", time() - COOKIE_DURANCE);
			} else {
				$this->informationPage('An error occured while updating the user in the database. (SET login_key = NULL)');
			}
		}
	}
	
	function _disabled(&$reg, &$req, &$resp) {
		if((bool)LOGIN_DISABLE == true) {
			$info = &new InformationDisplay($reg, $req, $resp);
			$info->text('Logging in has been disabled serverside.');
		}
	}
	
	function _load(&$reg, &$req, &$resp) {
		# Checking if the cookie exists.
		if(isset($_COOKIE[COOKIE_NAME])) {
			$cookie = $_COOKIE[COOKIE_NAME];
		}
		
		# Requesting the specific user.
		if(isset($cookie['login_key'])) {
			$finder = &$this->getFinder('users');
			$member = &$finder->findBy('login_key', $cookie['login_key']);
			
			# No such member found.
			if ($member == NULL) {
				# Kill the automatic login cookie.
				$this->_delete($reg, $req, $resp);
				
				# Redirect to the login if the user was not found.
				setcookie(COOKIE_NAME . '[login_key]', "", time() - COOKIE_DURANCE);
				$info = &new InformationDisplay($reg, $req, $resp);
				$info->text('An error occured while trying to log you in automatically.', '/login/', REDIRECT_TIME);
				
			# The member was found.
			} else {
				// TODO:{[Check if the account is locked.[_autologin_load[LoginController}
				/*
				if($member->get('account_lock') == 1) {
					$info = &new InformationDisplay($reg, $req, $resp);
					$info->display('accountLocked');
				}
				*/
				$session = &$reg->get('session');
				
				$session->set('k4_user_id', $member->getId());
				
				$reg->set('user', $member);
				
				# Reset the login attempt count to zero.
				unset($_SESSION['login_attempts']);
				unset($_SESSION['login_throttle']);
				
				// TODO:{[Make this go to the referer![_autologin_load[LoginController}
				$this->redirect('/');
			}
		}
	}
	
	function _save(&$reg, &$req, &$resp) {
		if((int)$req->get('save_login') == 1) {
			# Creating the unique login key.
			$login_key = k4_hash((string)$req->get('login_name') . (string)TIME_NOW);
			
			var_dump($login_key);
			
			$finder = &$this->getFinder('users');
			$user = &$finder->findBy('name', $req->get('login_name'));
			$user->set('login_key', $login_key);
			$user->set('last_login', $user->get('last_seen'));
			
			if($user->save()) {
				# Setting the cookie.
				setcookie(COOKIE_NAME . '[login_key]', $login_key, COOKIE_DURANCE);
				
			} else {
				$this->informationPage('An error occured while updating the user in the database. (SET login_key = *)');
			}
		}
	}
	
	function _throttle(&$reg, &$req, &$resp) {
		$session = &$reg->get('session');
		
		# Check if the login throttle is enabled.
		if($session->get('login_throttle') !== NULL) {
			# Delete the throttle if it has exceeded the maximum durance.
			if(($session->get('login_throttle')) < (TIME_NOW - (LOGIN_THROTTLE_DURANCE * 60))) {
				unset($_SESSION['login_throttle']);
				unset($_SESSION['login_attempts']);
				
			# Deny the login.
			} else {
				$info = &new InformationDisplay($reg, $req, $resp);
				$info->display('loginDisabled');
			}
		}
	}
}

?>