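package main

import (
	"fmt"
	"net/http"
	"net/url"
	"strings"

	db "sanine.net/git/phlox/db"
)

// LoginUser checks the credentials through p.AuthenticateUser and, when they
// are accepted, creates a session for the user through p.CreateSession.
//
// It returns (true, session, nil) on a successful login, (false, zero
// session, nil) when the credentials are rejected, and (false, zero session,
// err) when either call fails.
func LoginUser(username, password string) (bool, db.Session, error) {
	auth, user, err := p.AuthenticateUser(username, password)
	if err != nil {
		return false, db.Session{}, err
	}
	if !auth {
		return false, db.Session{}, nil
	}

	session, err := p.CreateSession(user)
	if err != nil {
		return false, db.Session{}, err
	}
	return true, session, nil
}

// safeRedirectTarget returns target when it is a same-site absolute path and
// "/" otherwise. The redirect value comes straight from the login form, so
// without this check the handler would be an open redirect.
func safeRedirectTarget(target string) string {
	const fallback = "/"

	// Only "/path" is accepted; "//host" and "/\host" are treated by browsers
	// as scheme-relative URLs pointing at another origin.
	if !strings.HasPrefix(target, "/") ||
		strings.HasPrefix(target, "//") ||
		strings.HasPrefix(target, "/\\") {
		return fallback
	}
	// Browsers strip tabs and newlines from URLs, which could turn an
	// innocent-looking path back into "//host"; reject control characters.
	for _, c := range target {
		if c < 0x20 || c == 0x7f {
			return fallback
		}
	}
	u, err := url.Parse(target)
	if err != nil || u.Scheme != "" || u.Host != "" {
		return fallback
	}
	return target
}

// LoginPostHandler handles a login form submission. It reads the "username",
// "password" and "redirect" form fields, authenticates through LoginUser and,
// on success, sets the "phlox-session-id" cookie and redirects the browser.
//
// Responses: 400 when the form cannot be parsed, 500 when LoginUser returns
// an error, 401 when the credentials are rejected, 303 on success.
func LoginPostHandler(w http.ResponseWriter, r *http.Request) {
	if err := r.ParseForm(); err != nil {
		w.WriteHeader(http.StatusBadRequest)
		fmt.Fprint(w, "malformed form data")
		return
	}

	// NOTE(review): r.Form also includes URL query parameters; r.PostForm
	// would restrict credentials to the request body. Confirm no caller
	// relies on the query string before switching.
	username := r.Form.Get("username")
	password := r.Form.Get("password")
	redirect := r.Form.Get("redirect")

	auth, session, err := LoginUser(username, password)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		fmt.Fprint(w, "an error was encountered when processing the request")
		log.Error(err)
		// Stop here: falling through would continue into the success path
		// with a zero-value session.
		return
	}
	if !auth {
		w.WriteHeader(http.StatusUnauthorized)
		fmt.Fprint(w, "bad username or password")
		// %q quotes the attacker-controlled username so embedded newlines
		// cannot forge extra log entries.
		log.Errorf("failed login for %q", username)
		return
	}

	http.SetCookie(w, &http.Cookie{
		Name:     "phlox-session-id",
		Value:    session.Id,
		SameSite: http.SameSiteLaxMode,
		// The session id is a bearer credential: keep it away from page
		// scripts and, when the request arrived over TLS, off plain HTTP.
		// NOTE(review): r.TLS is nil behind a TLS-terminating proxy; set
		// Secure unconditionally if the site is HTTPS-only.
		HttpOnly: true,
		Secure:   r.TLS != nil,
	})

	w.Header().Set("Location", safeRedirectTarget(redirect))
	// 303 makes the browser follow up with a GET. A 307 would repeat the
	// POST, including the password, against the redirect target.
	w.WriteHeader(http.StatusSeeOther)
}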