<?php
class Application_Controller_Plugin_Auth extends Zend_Controller_Plugin_Abstract
{
    /**
     * Vérifie les autorisations
     * Utilise _request et _response hérités et injectés par le FC
     *
     * @param Zend_Controller_Request_Abstract $request : non utilisé, mais demandé par l'héritage
     */
	public function preDispatch(Zend_Controller_Request_Abstract $request)
	{
		$checkAuth = true;
		if ($request->getControllerName()=='user' && $request->getActionName()=='login'){
			$checkAuth = false;			
		}
		
		if ($checkAuth) 
		{
			$login = $request->getParam('login');
			$pass = $request->getParam('pass', '');
			$hach = $request->getParam('hach');
			$checkIp = $request->getParam('checkIp');
			
			$auth = Zend_Auth::getInstance();
			
			//Est ce que l'on a checkIp=only lors de la requête
			$iponly = false;
			if ($checkIp=='only') {			
				$hach  = 'iponly:'.$_SERVER['REMOTE_ADDR'];
				$iponly = true;			
			}
			
			//On vérifie le tout lors d'une connexion par url
			if ( !empty($login) && !empty($hach) ) {	
	
				require_once 'Scores/WebAuthAdapter.php';
				
				$authAdapter = new WebAuthAdapter($login, $hach, $iponly);
				$result = $auth->authenticate($authAdapter);
				if (!$result->isValid()) {
	                $request->setModuleName('default')
						->setControllerName('user')
	                    ->setActionName('logout');
				} else {			
					$timeout = $auth->getIdentity()->timeout;
					Zend_Session::rememberMe($timeout);
					$storage = new Zend_Auth_Storage_Session();
					$sessionNamespace = new Zend_Session_Namespace($storage->getNamespace());
					$sessionNamespace->setExpirationSeconds($timeout);
					$auth->setStorage($storage);				
				}
				
			//Sinon on reste sur le standard
			} else {
				//Pas authentifié
				if (!$auth->hasIdentity()) {
					
					$auth->clearIdentity();
			    	$session = new Zend_Session_Namespace('login');
			    	$session->url = $_SERVER['REQUEST_URI'];

			    	$layout = Zend_Layout::getMVCInstance();
			    	if (!$layout->isEnabled()){
			    		$this->_response->setRedirect('/user/logout')->sendResponse();
			    	} 
		    		$this->_response->setRedirect('/user/login')->sendResponse();
		    	//Authentifié => on met à jour la session
				} else {
	
					$timeout = $auth->getIdentity()->timeout;
					$storage = new Zend_Auth_Storage_Session();
					$sessionNamespace = new Zend_Session_Namespace($storage->getNamespace());
					$sessionNamespace->setExpirationSeconds($timeout);
					$auth->setStorage($storage);
					
					if (Zend_Session::namespaceIsset('login')){
						Zend_Session::namespaceUnset('login');
					}
					
				}
			}
			
			if ( $auth && $auth->getIdentity()->profil=='SuperAdministrateur' ){
				$layout = Zend_Layout::getMVCInstance();
				$view = $layout->getView();
				$view->admin = true;				
			}
			
		}	
	}
}