<?php /* Copyright (c) 2024 Freya Murphy */

ini_set('html_errors', '1');

$webroot = dirname(__FILE__);
$publicroot = realpath(dirname(__FILE__) . '/../public');

// load stuff
require($webroot . '/helpers/ldap.php');
require($webroot . '/helpers/auth.php');

// start session
function page($file,  $data = array()) {
	extract($data);
	$webroot = $GLOBALS['webroot'];
	require($webroot . '/views/header.php');
	require($webroot . "/views/$file.php");
	require($webroot . '/views/footer.php');
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
	parse_str(file_get_contents('php://input'), $post);
	$res = ldap_auth($post['username'], $post['password']);
	$msg = '';
	$title = '';
	if ($res) {
		$msg = 'Authenticated. You can now go back to your content';
		$title = 'Success';
		key_new($post['username']);
	} else {
		$msg = 'Invalid Credentials';
		$title = 'Error';
	}
	page('message', array(
		'title' => $title,
		'msg' => $msg
	));
} else {
	if (($user = key_auth())) {
		http_response_code(200);
		header("X-Webauth-User: $user");
		die();
	}

	$host = $_SERVER['HTTP_HOST'];
	$env = getenv("HTTP_HOST");
	if ($_SERVER['REQUEST_URI'] !== '/login') {
		// we are being forwarded authed
		// redirect
		http_response_code(303);
		header("Location: http://$env/login");
	} else {
		page('login', array(
			'title' => 'Login'
		));
	}
}