<?php
// Routes

// Reads the file in access_list.json, and checks the user's access 

// Accepts post data containing:
//   postdata = {
//       "username": user,
//       "password": pw,
//       "checksum": md5.new(user + pw + AUTH_SECRET).hexdigest()
//   }


// Returns the following auth response:
//
//        {
//           "authenticated":true,
//           "permitted_resources":{
//              "corpora":{
//                 "vivill",
//                 "Wikipedia-sv"
//              }
//           }
//        }


$app->get('/corpuses/', function ($request, $response, $args) {
    // Sample log message
    $this->logger->info("Slim-Skeleton '/' route");

    // request JSON 
    $parsedBody = $request->getParsedBody();

    $data = array(
        'basic_auth_user' => $_SERVER['PHP_AUTH_USER'],
        'name' => 'blah',
    );

    // response
    $resp = $response->withJson($data);

    // Render index view
    return $resp; // return $this->renderer->render($resp);
});

$app->post('/auth/', function ($request, $response, $args) {
    $CONF = parse_ini_file( $this->get('settings')['corpus_access_configuration'], $process_sections=TRUE) ;

    $SHARED_SECRET = $CONF['general']['shared_secret']; 
    $KORP_USERS = $CONF['users'];
    $CORPUSES = $CONF['corpuses'];

    if (!$KORP_USERS || !$CORPUSES ) {
        return $response->withJSON(array("error" => "config files are formatted incorrectly"));
    }

    // Sample log message
    $this->logger->info("Slim-Skeleton '/' route");

    $user = $_POST['username'];
    $pass = $_POST['password'];
    $chec = $_POST['checksum'];

    if (!isset($user) || !isset($pass) || !isset($chec) ) {
        $error = "missing some important request parameter";
    } else {

        // check our local database for user/pass, if it matches, then also check
        // the checksum matches
        $exists = $KORP_USERS[$user] === $pass ;
        $corps = [];

        if ($exists !== false) {
            $local_check = md5($user . $pass . $SHARED_SECRET);
            if ($local_check === $chec) {
                $exists = TRUE;
                $corps = $CORPUSES[$user];
            } else {
                $error = 'checksum invalid';
            }
        } else {
            $exists = FALSE;
            $error = 'no such user';
        }

        $data = array(
            'authenticated' => $exists,
            'permitted_resources' => array(
                'corpora' => explode(", ", $corps),
            )
        );

    }

    if($error) {
        $data['error'] = $error;
        $data['authenticated'] = FALSE;
    }

    // response
    $resp = $response->withJson($data);

    // Render index view
    return $resp; // return $this->renderer->render($resp);
});