/*
 * Various user/login services.
 */

var UCKDebugTrace = 0;

var CookieHomePage = 'http://www.thelemistas.org';
var CookieDomain = '.thelemistas.org';
var CookieName = 'thist_id';
var CookieData = get_cookie(CookieName);
var CookieUser = '';
var CookieKey  = '';
var CookiePerm = '';  // Actions the logged in user will permit
var CookieAuth = '';  // Rights the logged in user has

if (CookieData) {
  var expir = expiration_date( '+1h' );
  set_cookie(CookieName, CookieData, expir, '/', CookieDomain);
  var d = CookieData.split(/\+/, 4);
  if (d) {
    CookieUser = d[0];
    CookieKey  = d[1];
    CookiePerm = d[2];
    CookieAuth = d[3];
  }
}

function check_login() {
  if (!CookieData) {
    if (UCKDebugTrace) alert('Getting cookie "' + CookieName + '"');
    CookieData = get_cookie(CookieName);
    if (!CookieData) {
      var here = location.href.split('members')[0];
      location.replace(here + 'members/login');
    }
  }
  else if (UCKDebugTrace) {
    alert(CookieName + '=[' + CookieData + ']');
  }
  return;
}

/*
 * This function checks the user's current authorizations for an input
 * tag.  If not present, the user is logged out and control transfers
 * to our main page.
 */
function check_user_auth(auth) {
  if (! (CookieAuth && CookieAuth.match(':'+auth+':'))) {
    // The user isn't authorized.  Log out, then leave.
    var expir = expiration_date( '0' );
    set_cookie(CookieName, CookieData, expir, '/', CookieDomain);
    location.replace(CookieHomePage);
  }
  return;
}

/*
 * Test to see if a user has an authorization. Return true if yes,
 * false if no.  (The actual 'true' return is a match array.)
 */
function user_has_auth(auth) {
  return (CookieAuth && CookieAuth.match(':'+auth+':'));
}

/*
 * Test to see if a user permits an action. Return true if yes,
 * false if no.  (The actual 'true' return is a match array.)
 */
function user_has_permit(perm) {
  return (CookiePerm && CookiePerm.match(':'+perm+':'));
}

/*
 * Receive a cookie name to set upon successful login, and a length
 * of time to keep the cookie.  Obtain user and password information
 * from document elements 'u' and 'p' respectively, and use them to
 * authenticate the user.  Once authentication passes, set the cookie
 * and return true.  If anything fails, return false.
 */
function check_credentials(relDir, cookie, how_long) {
  var u = document.getElementById('u');
  if (!u || !u.value) {
    alert("You have not entered a user name.");
    return false;
  }
  var user = u.value.toLowerCase();
  var p = document.getElementById('p');
  if (!p || !p.value) {
    alert("You have not entered a password.");
    return false;
  }
  var p_hash = hash_md5(p.value);

  // Confirm this user and password with the server.
  var url = relDir + '/Apps/check_login/' + user + '/' + p_hash;
  var r = fetch_response_csv(url, true);
  if (!r) {
    alert('User name and/or password are not correct.');
    return false;
  }

  // Made it.  Set a cookie to keep the user logged in, then return true.
  CookiePerm = r[0];
  CookieAuth = (r[1]) ? r[1] + 'LG:' : ':LG:';
  var cdata = user + '+' + p_hash + '+' + CookiePerm + '+' + CookieAuth;
  var expir = expiration_date( how_long );
  set_cookie(cookie, cdata, expir, '/', CookieDomain);
  p.value = p_hash;
  return true;
}

/*
 * Obtain the MD5 hash of a random string
 */
function hash_string(str) {
  if (str == null) str = '';
  return hash_md5(str);
}

function hash_form_value(me) {
  if (me) me.value = hash_md5(me.value);
  return;
}

/*
 * If the user is permitted to do action 'what', obtain a list of other
 * users who are also permitted to do that action.  Return that list as
 * an array whose elements are in pairs:
 *
 *   x[ n ] = user ID
 *   x[n+1] = user full name
 */
function userInteractList(relDir, what) {
  if (CookiePerm.indexOf(':'+what+':') < 0)
    return;
  var url = relDir + '/Apps/user_interact/' + what + '/-' + CookieUser;
  var r = fetch_response_csv(url);
  if (r) {
    var x = new Array(r.length * 2 / 3);
    var j = 0;
    var i = 0;
    while (i < r.length) {
      x[j++] = r[i++];  // User ID
      x[j++] = r[i++];  // User full name
      i++;  // Skip over other users' personal data
    }
    r = x;
  }

  return r;
}

/*
 * Wrapper around userInteractList(), specifically producing a select
 * list.  Return a string suitable for writing via document.write().
 * An empty string indicates that there was nothing suitable.
 */
function userInteractSelectList(relDir, what, label) {
  var sellist = '';
  var x = userInteractList(relDir, what);
  if (x) {
    sellist = '<select name="'+label+'" id="'+label+'">\n' +
              '<option value="..." select="selected">...</option>\n';
    var i = 0;
    while (i < x.length) {
      sellist = sellist + '<option value="'+x[++i]+'">'+x[i++]+'</option>\n';
    }
    sellist = sellist + '</select>';
  }
  return sellist;
}