package org.openslx.imagemaster.session;

import org.apache.log4j.Logger;
import org.openslx.imagemaster.db.DbUser;
import org.openslx.imagemaster.thrift.iface.AuthenticationError;
import org.openslx.imagemaster.thrift.iface.AuthenticationException;

/**
 * Authenticates a user against a backend (ldap here)
 */
public class Authenticator
{

	private static Logger log = Logger.getLogger( Authenticator.class );

	/**
	 * Authenticate the user against whatever backend
	 * 
	 * @param username
	 * @param password
	 * @return
	 * @throws AuthenticationException
	 */
	public static User authenticate( String username, String password ) throws AuthenticationException
	{
		String login = username;
		/*
		if ( username.split( "@" ).length == 2 ) {
			log.info( "username is in username@organization format" );
			// we are in username@organization format
			DbSatellite satellite = DbSatellite.fromOrganization( username.split( "@" )[1] );
			if ( satellite == null )
				throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Unkown Organization." );
			login = satellite.getPrefix() + "_" + username.split( "@" )[0];
		} else if ( username.split( "_" ).length != 2 ) {
			log.info( "username is not in a valid format." );
			throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Credentials must be in (username@organization) or (prefix@username)" );
		}
		*/

		log.info( "Logging in with: " + login );

		User user = DbUser.forLogin( login, password ); // throws exception if credentials are invalid
		if ( user == null ) {
			log.debug( "Login failed: " + username );
			throw new AuthenticationException( AuthenticationError.GENERIC_ERROR, "Something went wrong." );
		}
		log.debug( "Login succesful: " + username );

		// if successfull: update/insert into db
		DbUser.insertOrUpdate( user );

		return user;
	}
	//
}