/*
 * This file is part of the authRXBN single sign-on package.
 *
 * (c) Ruben Meyer <contact@rxbn.de>
 */

var express = require('express');
var route = express.Router();

route.post('/register', (req, res) => {
	if(!global['app'].cfg.web.registration) {
		return res.type('json').status(400).end(JSON.stringify({status: 400, message: "msg.auth.registration.deactivated"}));
	}
	// TODO: register
});

route.post('/login', (req, res) => {
	// TODO: login
});

route.post('/authenticate', (req, res) => {
	// TODO: authenticate
});

route.get('/logout', (req, res) => {
	if(!req.session.user) {
		return res.type('json').end(JSON.stringify({
			status: 401,
			message: 'msg.auth.login.required'
		}));
	} else {
		res.clearCookie('RememberMe');
		req.session.destroy();
		return res.type('json').end(JSON.stringify({
			status: 200,
			message: 'msg.auth.logout.successful'
		}));
	}
});

if(global['gds'].debug) {
	// DEBUG info
	route.get('/info', (req, res) => {
		let obj = {};
		if(req.session) obj.session = req.session;
		if(req.cookies) obj.cookie = req.cookies;
		res.type('json').end(JSON.stringify(obj));
	});
}

module.exports = route;