1 files changed, 65 insertions, 0 deletions

diff --git a/src/views/pages/auth.php b/src/views/pages/auth.php
new file mode 100644
index 0000000..2132d67
--- /dev/null
+++ b/src/views/pages/auth.php
@@ -0,0 +1,65 @@
+<?php global $mm;
+/**
+ * This is the view for the main login page.
+ */
+
+// TODO: We should probably check to make sure PAGE is just 'auth' or
+// 'auth/', and not something like 'auth/foobar', for which we should
+// throw a 404.
+
+@$action = $_POST['action'];
+switch ($action) {
+case 'login': login(); break;
+case 'logout': logout(); break;
+case '': maybe_login(); break;
+default: badrequest(); break;
+}
+
+function maybe_login() {
+	global $mm;
+	$uid = $mm->isLoggedIn();
+	if ($uid===false) {
+		login();
+	} else {
+		$mm->header('Authentication');
+		$t = $mm->template();
+		
+		$username = $mm->getUsername($uid);
+		
+		$t->openTag('div',array('class'=>'login'));
+		$t->text("Logged in as ".htmlentities($username).'.');
+		$t->logout_button('Logout');
+		$t->closeTag('div');
+		
+		$mm->footer();
+	}
+}
+
+function login() {
+	include(VIEWPATH.'/pages/auth/login.php');
+}
+
+function logout() {
+	global $mm;
+	$t = $mm->template();
+	
+	$mm->logout();
+	
+	$mm->header('Authentication');
+	$t->paragraph('Logged out');
+	$mm->footer();
+}
+
+function badrequest() {
+	global $mm;
+	$mm->status('400 Bad Request');
+	$t = $mm->template();
+	
+	$mm->header('Authentication');
+	$t->paragraph('The recieved POST request was malformed/invalid. '.
+	              'If you got here from a link, this is a bug; '.
+	              'Let the admin know.'.
+	              'If you got here from outside, then the API is being '.
+	              'missused.');
+	$mm->footer();
+}