package com.mycompany.messages;

import java.io.IOException;
import java.util.Map;
import javax.faces.context.FacesContext;
import javax.faces.application.FacesMessage;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.Cookie;

/**
 * This class performs authentication in the Project Billboard
 * application.
 *
 * @author Hans Bergsten, Gefion Software <hans@gefionsoftware.com>
 * @version 1.0
 */
public class AuthenticateAction {
    private String username;
    private String password;
    private boolean remember;
    private boolean rememberSet;
    private EmployeeRegistryBean empReg;
    private String origURL;

    /**
     * Returns the current username, or the value of a "username"
     * cookie if no username is set.
     */
    public String getUsername() {
	if (username == null) {
	    FacesContext context = FacesContext.getCurrentInstance();
	    Map cookies = context.getExternalContext().getRequestCookieMap();
	    Cookie c = (Cookie) cookies.get("username");
	    if (c != null) {
		username = c.getValue();
	    }
	}
	return username;
    }

    /**
     * Sets the username.
     */
    public void setUsername(String username) {
	this.username = username;
    }

    /**
     * Returns the current password, or the value of a "password"
     * cookie if no username is set.
     */
    public String getPassword() {
	if (password == null) {
	    FacesContext context = FacesContext.getCurrentInstance();
	    Map cookies = context.getExternalContext().getRequestCookieMap();
	    Cookie c = (Cookie) cookies.get("password");
	    if (c != null) {
		password = c.getValue();
	    }
	}
	return password;
    }

    /**
     * Sets the password.
     */
    public void setPassword(String password) {
	this.password = password;
    }

    /**
     * Returns the "remember" property value, or "true" if this property
     * isn't set and a "password" cookie has a value.
     */
    public boolean getRemember() {
	if (!rememberSet) {
	    FacesContext context = FacesContext.getCurrentInstance();
	    Map cookies = context.getExternalContext().getRequestCookieMap();
	    Cookie c = (Cookie) cookies.get("password");
	    if (c != null) {
		remember = true;
	    }
	}
	return remember;
    }

    /**
     * Sets the "remember" property value.
     */
    public void setRemember(boolean remember) {
	this.remember = remember;
	rememberSet = true;
    }

    /**
     * Sets the registry holding user information.
     */
    public void setRegistry(EmployeeRegistryBean empReg) {
	this.empReg = empReg;
    }

    /**
     * Returns the originally requested URL, or null if none is set.
     */
    public String getOrigURL() {
	// Need to do this because the access control filter uses a
	// different parameter name than the login form
	if (origURL == null) {
	    FacesContext context = FacesContext.getCurrentInstance();
	    Map param = 
		context.getExternalContext().getRequestParameterMap();
	    String s = (String) param.get("origURL");
	    if (s != null) {
		origURL = s;
	    }
	}
	return origURL;
    }

    /**
     * Sets the originally requested URL.
     */
    public void setOrigURL(String origURL) {
	this.origURL = origURL;
    }

    /**
     * Autheticates a user with help from the EmployeeRegistryBean.
     * If the user can be authenticated, the "validUser" session 
     * attribute is set to an instance of the EmployeeBean, to
     * serve as an authentication token in this application.
     * <p>
     * Cookies with the user name and password are set or reset
     * as specified by the "remember" request parameter.
     *
     */
    public String authenticate() {

	String result = null;
	FacesContext context = FacesContext.getCurrentInstance();

	EmployeeBean emp = empReg.authenticate(username, password);
	if (emp != null) {
	    Map sessionMap = 
		context.getExternalContext().getSessionMap();
	    sessionMap.put("validUser", emp);
	    setLoginCookies(context, remember, username, password);
                
	    // Next page is the originally requested URL or main
	    if (origURL != null && origURL.length() != 0) {
		String newPath = context.getApplication().getViewHandler().
		    getActionURL(context, origURL);
		try {
		    context.getExternalContext().redirect(newPath);
		}
		catch (IOException e) {}
		context.responseComplete();
		result = "newViewSet";
	    }
	    else {
		result = "success";
	    }
	}
	else {
	    // Invalid login.
	    FacesMessage msg = 
		new FacesMessage(FacesMessage.SEVERITY_ERROR,
				 "Invalid username or password", null);
	    context.addMessage(null, msg);
	    result = "failure";
	}
	return result;
    }

    /**
     * Set or "delete" the login cookies, depending on the value of the
     * "remember" parameter.
     */
    private void setLoginCookies(FacesContext context, boolean remember,
				 String username, String password) {

	HttpServletRequest request = 
	    (HttpServletRequest) context.getExternalContext().getRequest();
	HttpServletResponse response = 
	    (HttpServletResponse) context.getExternalContext().getResponse();
	Cookie usernameCookie = new Cookie("username", username);
	Cookie passwordCookie = new Cookie("password", password);
	// Cookie age in seconds: 30 days * 24 hours * 60 minutes * 60 seconds
	int maxAge = 30 * 24 * 60 * 60;
	if (!remember) {
	    // maxAge = 0 to delete the cookie
	    maxAge = 0;
	}
	usernameCookie.setMaxAge(maxAge);
	passwordCookie.setMaxAge(maxAge);
	usernameCookie.setPath(request.getContextPath());
	passwordCookie.setPath(request.getContextPath());
	response.addCookie(usernameCookie);
	response.addCookie(passwordCookie);
    }
}