# -*- coding: iso-8859-1 -*-
"""
    MoinMoin - NIS  Yellow Pages

    This code only creates a user object, the session will be established by
    moin automatically.

    place file in:
	/usr/lib/python2.5/site-packages/MoinMoin/auth/

    wikiconfig.py:
	from MoinMoin.auth.nis_login import NISAuth
	auth = [NISAuth(autocreate=True, maildomain='@yourdomain.com')]

    @copyright: 2008 Stefan Sami-Soueiha,
    @license: GNU GPL, see COPYING for details.

    Version: 1.0 12.12.2008
"""
from MoinMoin import log
logging = log.getLogger(__name__)

try:
    import nis, crypt
except ImportError, err:
    logging.error("You need to have python nis & crypt module's (%s)." % str(err))
    raise

from MoinMoin import user
from MoinMoin.auth import BaseAuth, CancelLogin, ContinueLogin


class NISAuth(BaseAuth):
    """ get authentication data from form, authenticate against NIS server
        The session is kept by moin automatically.
    """

    login_inputs = ['username', 'password']
    logout_possible = True
    name = 'nis'

    def __init__(self,  autocreate=False, 
			maildomain='@domain.com',
			niscat='passwd.byname'		# ypcat passwd
		):

	BaseAuth.__init__(self)
        self.autocreate = autocreate
	self.maildomain = maildomain
	self.niscat     = niscat

    def login(self, request, user_obj, **kw):
        username = kw.get('username')
        password = kw.get('password')
        _ = request.getText

        # we require non-empty password 
        if not username or not password:
            return ContinueLogin(user_obj, 
		_('Missing password. Please enter user name and password.'))
	logging.debug("trying to authenticate NIS user: %r" % username)

        try:
	    userline=nis.cat(self.niscat)[username]
	    try:
		passwd_hash=userline.split(':')[1]
		passwd_hash_entered = crypt.crypt(password, passwd_hash[:2])

		if passwd_hash == passwd_hash_entered:
		    u = user.User(request, auth_username=username, auth_method=self.name, auth_attribs=('name', 'password', 'email', 'mailto_author', ))
		    u.name = username
		    u.aliasname = userline.split(':')[4]
		    u.email = username + self.maildomain
		    u.remember_me = 0 # 0 enforces cookie_lifetime config param
		    logging.debug("creating userprefs with name %r email %r alias %r" % (u.name, u.email, u.aliasname))

		if u and self.autocreate:
		    u.create_or_update(True)
		return ContinueLogin(u)

	    except:
		logging.debug("invalid password (user: %s)" % (username))
		return CancelLogin(_("Invalid password (user:%s)."% (username)))
		#return CancelLogin(_("Invalid password ((%s:%s)(%s:%s)." % (username, password, passwd_hash, passwd_hash_entered)))

	except:		# username not in NIS
	    logging.debug("invalid username: (%s)" % (username))
	    return CancelLogin(_("Invalid username (%s)."% (username)))