from storage import getUser, StorageFactory
from hashlib import sha512
from datetime import datetime

# Account role levels.
# NOTE(review): presumably compared numerically by callers for authorization
# (higher = more privileged) -- confirm; nothing in this module reads them.
UNAUTH, REGULAR, BLOGGER, ADMIN = 0, 1, 2, 10

# Module-wide storage handle, created lazily by getStore().
store = None


def getStore():
    ''' Return the shared storage object, building it on first use.

    The instance is cached in the module-level `store`. A cached value
    that evaluates as false is rebuilt on the next call.
    '''
    global store
    if store:
        return store
    store = StorageFactory()
    return store

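def makeSessionToken(uname, time):
    ''' Derive the session token for `uname` logged in at `time`.

    The token is the SHA-512 hex digest of the username, the user's stored
    password hash and the login-time string, joined by a fixed separator.
    For an unknown user a fixed placeholder string is returned instead, so
    a match against the return value does not by itself prove the account
    exists; callers must still look the user up.

    NOTE(review): no server-side secret enters the digest, so the token
    can be recomputed by anyone who holds the stored password hash, and
    nothing here limits its lifetime. A keyed MAC (hmac with a server
    secret) or a random token kept server-side would remove that
    dependency; either changes the token format and invalidates live
    sessions, so it is not done silently here.
    '''
    user = getStore().getUser(uname)
    if not user:
        return 'Bullsh*t Token'
    sep = ' ~`omg`~`hax`~`session`~`token`~ '
    material = sep.join((uname, user.passhash, time))
    # hashlib only accepts bytes: encode text so non-ASCII usernames and
    # Python 3 str values hash instead of raising.
    if not isinstance(material, bytes):
        material = material.encode('utf-8')
    return sha512(material).hexdigest()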

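def currentUser(session):
    ''' Return the user this session is logged in as, or None.

    `session` is the dict-like session store. A login is represented by
    three keys: REMOTE_USER, REMOTE_TOKEN and REMOTE_LOGIN_TIME. With none
    of them present nobody is logged in. With only some present, or with a
    token that does not match the recomputed one, or with a username that
    no longer resolves to a user, the login keys are cleared and None is
    returned.

    NOTE(review): REMOTE_LOGIN_TIME is only fed into the token; its age is
    never checked, so sessions do not expire in this function.
    '''
    keys = ('REMOTE_USER', 'REMOTE_TOKEN', 'REMOTE_LOGIN_TIME')
    present = sum(1 for key in keys if key in session)
    if present == 0:
        # No user logged in.
        return None
    if present < len(keys):
        # Partial login state: wipe it rather than trust any of it.
        logIn('', '', session, logout=True)
        return None

    uname = session['REMOTE_USER']
    expected = makeSessionToken(uname, session['REMOTE_LOGIN_TIME'])
    # NOTE(review): '!=' is not a constant-time comparison; switch to
    # hmac.compare_digest once both operands are confirmed to be the same
    # string type.
    if expected != session['REMOTE_TOKEN']:
        # Bad login. Wipe it and return no user.
        logIn('', '', session, logout=True)
        return None

    user = getStore().getUser(uname)
    if not user:
        # makeSessionToken returns a fixed placeholder for unknown users,
        # so a token match alone does not prove the account exists.
        logIn('', '', session, logout=True)
        return None
    return user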
    
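def logIn(uname, password, session, logout=False):
    ''' Log a user in or out by updating the session mapping.

    `uname` and `password` are the submitted credentials; `session` is the
    dict-like session store that receives REMOTE_USER, REMOTE_LOGIN_TIME
    and REMOTE_TOKEN. With logout=True the credentials are ignored and
    those three keys are removed instead.

    Return True on a successful login (and on any logout), False when the
    user is unknown or the password hash does not match.

    NOTE(review): passwords are checked against an unsalted, single-round
    SHA-512 digest. That format is fixed by the stored user.passhash
    values, so it is kept here; moving to a salted, deliberately slow KDF
    (for example hashlib.pbkdf2_hmac) needs a migration of the stored
    hashes.
    '''
    if logout:
        # pop() with a default removes each key whether or not it is set.
        for key in ('REMOTE_USER', 'REMOTE_TOKEN', 'REMOTE_LOGIN_TIME'):
            session.pop(key, None)
        return True

    user = getStore().getUser(uname)
    if not user:
        return False
    # hashlib only accepts bytes: encode text so non-ASCII passwords and
    # Python 3 str values hash instead of raising.
    if not isinstance(password, bytes):
        password = password.encode('utf-8')
    pwhash = sha512(password).hexdigest()
    # NOTE(review): '!=' is not a constant-time comparison; switch to
    # hmac.compare_digest once both operands are confirmed to be the same
    # string type.
    if user.passhash != pwhash:
        return False
    session['REMOTE_USER'] = uname
    session['REMOTE_LOGIN_TIME'] = str(datetime.utcnow())
    session['REMOTE_TOKEN'] = makeSessionToken(session['REMOTE_USER'],
                                               session['REMOTE_LOGIN_TIME'])
    return True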
    

