<?php
/* Copyright (C) 2007-2008 Jeremie Ollivier      <jeremie.o@laposte.net>
 * Copyright (C) 2008-2011 Laurent Destailleur   <eldy@uers.sourceforge.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */


/**
 * Class ot manage authentication for pos module (cashdesk)
 */
class Auth
{
	var $db;

	var $login;
	var $passwd;

	var $reponse;

	var $sqlQuery;

	/**
	 * Enter description here ...
	 *
	 * @param	DoliDB	$db			Database handler
	 * @return	void
	 */
	function __construct($db)
	{
		$this->db = $db;
		$this->reponse(null);
	}

	/**
	 * Enter description here ...
	 *
	 * @param 	string	$aLogin		Login
	 * @return	void
	 */
	function login($aLogin)
	{
		$this->login = $aLogin;
	}

	/**
	 * Enter description here ...
	 *
	 * @param 	string	$aPasswd	Password
	 * @return	void
	 */
	function passwd($aPasswd)
	{
		$this->passwd = $aPasswd;
	}

	/**
	 * Enter description here ...
	 *
	 * @param 	string 	$aReponse	Response
	 * @return	void
	 */
	function reponse($aReponse)
	{
		$this->reponse = $aReponse;
	}

	/**
	 * Validate login/pass
	 *
	 * @param	string	$aLogin		Login
	 * @param	string	$aPasswd	Password
	 * @return	int					0 or 1
	 */
	function verif($aLogin, $aPasswd)
	{
		global $conf,$langs;
		global $dolibarr_main_authentication,$dolibarr_auto_user;

		$ret=-1;

		$login='';

		$test=true;

        // Authentication mode
        if (empty($dolibarr_main_authentication)) $dolibarr_main_authentication='http,dolibarr';
        // Authentication mode: forceuser
        if ($dolibarr_main_authentication == 'forceuser' && empty($dolibarr_auto_user)) $dolibarr_auto_user='auto';
        // Set authmode
        $authmode=explode(',',$dolibarr_main_authentication);

        // No authentication mode
        if (! count($authmode))
        {
            $langs->load('main');
            dol_print_error('',$langs->trans("ErrorConfigParameterNotDefined",'dolibarr_main_authentication'));
            exit;
        }

		$usertotest=$aLogin;
		$passwordtotest=$aPasswd;
		$entitytotest=$conf->entity;

        // Validation tests user / password
        // If ok, the variable will be initialized login
        // If error, we will put error message in session under the name dol_loginmesg
        $goontestloop=false;
        if (isset($_SERVER["REMOTE_USER"]) && in_array('http',$authmode)) $goontestloop=true;
        if (isset($aLogin) || GETPOST('openid_mode','alpha',1)) $goontestloop=true;

        if ($test && $goontestloop)
        {
            include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
			$login = checkLoginPassEntity($usertotest,$passwordtotest,$entitytotest,$authmode);
            if ($login)
            {
                $this->login($aLogin);
                $this->passwd($aPasswd);
                $ret=0;
            }
            else
            {
                $ret=-1;
            }
        }

		return $ret;
	}

}