import config
import utils
import base64
from passlib.apache import HtpasswdFile

# This authentication provider reads a local Apache-style htpassword file
# and performs HTTP Basic authentication.

passwd_file = ".htpasswd"
realm = "cargohold"

def login(env, post):
	auth = get(env)

	if not auth:
		return ["Please authenticate", [("WWW-Authenticate",'Basic realm="' + realm + '"')], "401 Authenticate"]

	utils.ensure_user(auth["user"])
	return utils.redirect("/admin")

def get(env):
	auth = env.get("HTTP_AUTHORIZATION", "")
	if auth and auth.startswith("Basic "):
		auth = str(base64.b64decode(auth[6:]), "utf-8").split(":")
		try:
			ht = HtpasswdFile(passwd_file)
			if ht.check_password(auth[0], auth[1]):
				return {"user": auth[0], "expire": None}
		except IOError:
			print("LocalBasicAuth: Failed to read credentials file at " + passwd_file)
	return None

def logout():
	# TODO
	return False