// The contents of this file are subject to the Mozilla Public License Version 1.1
// (the "License"); you may not use this file except in compliance with the License.
// You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
// 
// Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
// WARRANTY OF ANY KIND, either express or implied. See the License for the specific
// language governing rights and limitations under the License.
// 
// The Original Code is the Venice Web Communities System.
// 
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
// for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
// Copyright (C) 2002-03 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
// 
// Contributor(s): 

importPackage(Packages.com.silverwrist.dynamo.iface);
importPackage(Packages.com.silverwrist.dynamo.util);
importClass(Packages.com.silverwrist.venice.VeniceNamespaces);
importPackage(Packages.com.silverwrist.venice.session);

req = bsf.lookupBean("request");           // get request
rhelp = bsf.lookupBean("request_help");    // get request helper
if (rhelp.isRequestType("_SESSION") && rhelp.isVerb("PUT"))
{ // OK, this is a session-established event...
  if (rhelp.isSessionType("HTTP"))
  { // Check to see if the user can automatically log in with a cookie.
    cctrl = cast.queryCookieControl(req);
    if (cctrl.isCookiePresent(venice_session.loginCookieName))
    { // retrieve and parse the cookie value
      logged_in = false;
      arr = stringutils.split(cctrl.getCookie(venice_session.loginCookieName),":");
      s = arr[0] + "";
      if (s=="VQAT2")
      { // get the user corresponding to the UID embedded in this object
        new_user = vlib.lookupUser(req,cast.toInteger(arr[1]));
        if (new_user!=null)
        { // attempt to authenticate with the cookie value
          if (new_user.authenticate(VeniceNamespaces.SESSION_CONTROL_NAMESPACE,"cookie",arr[2],arr[3]))
          { // this is the real user we're logged in as - set it into the session
            session = rhelp.getSession();
            session.setObject(SessionInfoParams.NAMESPACE,SessionInfoParams.ATTR_USER,new_user);
            session.setObject(SessionInfoParams.NAMESPACE,SessionInfoParams.ATTR_COOKIE_AUTH_SOURCE,arr[2]);
            audit.write(req,new_user,VeniceNamespaces.USER_EVENT_NAMESPACE,"login.ok");
            new_user.setLastAccessDate(new_user,new java.util.Date());
            logged_in = true;

          } // end if
          // else authentication failed - just dump out

        } // end if
        // else we don't know this UID - bail out
        
      } // end if
      // else our cookie format does not match - bail out

      if (!logged_in)  // if we failed to log in with this cookie, delete it
        cctrl.deleteCookie(venice_session.loginCookieName);

    } // end if

    // Now set up the established user (either the one that just logged in or Anonymous_Honyak).
    dynamo.exec("/util/setup_user.js");

    // Configure other session attributes.
    session = rhelp.getSession();
    session.setObject("/find.js.vs","last.visited","find_communities.js.vs");

  } // end if (session is HTTP)

} // end if (session-PUT event)