<?php
/*
 * Gallery - a web based photo album viewer and editor
 * Copyright (C) 2000-2007 Bharat Mediratta
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or (at
 * your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
 */

GalleryCoreApi::requireOnce('modules/httpauth/classes/HttpAuthHelper.class');

/**
 * Get active user from username and password in HTTP headers.
 *
 * HTTP authentication is handled between the user-agent and Gallery.  Gallery is responsible to
 * authenticate a user-supplied username / password pair.
 *
 * @package HttpAuth
 * @subpackage Classes
 * @author Jack Bates <ms419@freezone.co.uk>
 * @version $Revision: 15759 $
 */
class HttpAuthPlugin /* extends GalleryAuthPlugin */ {

    /**
     * @see GalleryAuthPlugin::getUser
     */
    function getUser() {
	list ($authtype, $username, $password) = HttpAuthHelper::getHttpAuth();

	list ($ret, $user) = HttpAuthHelper::getUser($authtype, $username);
	if ($ret) {
	    return array($ret, null);
	}

	/*
	 * We are effectively logging in on every request when we use this plugin.  We can't
	 * post a login event each time we do this, but we need to post FailedLogin events.
	 */
	if (isset($user) && $user->isCorrectPassword($password)) {
	    $ret = HttpAuthHelper::regenerateSessionIfNecessary($user);
	    if ($ret) {
		return array($ret, null);
	    }

	    return array(null, $user);
	} else if (!empty($username) && strpos($username, '__LOGOUT__') !== 0) {
	    /*
	     * Don't post an event if the username starts with __logout__ since that is used when we
	     * try to force the user-agent to clear its auth cache.
	     */
	    $event = GalleryCoreApi::newEvent('Gallery::FailedLogin');
	    $event->setData(array('userName' => $username));
	    list ($ret, $ignored) = GalleryCoreApi::postEvent($event);
	    if ($ret) {
		return array($ret, null);
	    }
	}

	return array(null, null);
    }
}
?>