<?php /* Copyright (c) 2024 Freya Murphy */

$keys = array();

function get_cookie() {
	$cookie_name = 'X-LDAP-Auth-Key';
	if(isset($_COOKIE[$cookie_name])) {
		return $_COOKIE[$cookie_name];
	} else {
		return FALSE;
	}
}

function store_cookie($key) {
	$cookie_name = 'X-LDAP-Auth-Key';
	$cookie_options = array (
         'expires' => time() + 60*60*24*30,
         'path' => '/',
		 'domain' => getenv("COOKIE_DOMAIN"),
		 'secure' => true,
		 'httponly' => true,
		 'samesite' => 'None'
    );
	setcookie(
		$cookie_name,
		$key,
		$cookie_options
	);
}

function load_key($key) {
	$file = "/tmp/$key";
	if (!file_exists($file))
		return FALSE;
	$content = explode("\n", file_get_contents($file));
	return array(
		'user' => $content[0],
		'time' => $content[1]
	);
}

function store_key($key, $user) {
	$file = "/tmp/$key";
	$now = (string)time();
	$content = "$user\n{$now}";
	file_put_contents($file, $content, LOCK_EX);
}

function get_random($n)
{
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $randomString = '';

    for ($i = 0; $i < $n; $i++) {
        $index = rand(0, strlen($characters) - 1);
        $randomString .= $characters[$index];
    }

    return $randomString;
}

function key_auth() {
	$key = get_cookie();
	if ($key === FALSE) {
		return FALSE;
	}
	$data = load_key($key);
	if ($data === FALSE) {
		return FALSE;
	}
	$user = $data['user'];
	$time = $data['time'];
	$now = time();
	if ($time > $now || $now - $time > 60 * 60 * 24) {
		return FALSE;
	}
	store_key($key, $user);
	return  $user;
}

function key_new($user) {
	$key = get_random(128);
	store_key($key, $user);
	store_cookie($key);
}