<?php global $mm;
/**
 * This is the view for the main login page.
 */

// TODO: We should probably check to make sure PAGE is just 'auth' or
// 'auth/', and not something like 'auth/foobar', for which we should
// throw a 404.

@$action = $_POST['action'];
switch ($action) {
case 'login': login(); break;
case 'logout': logout(); break;
case '': maybe_login(); break;
default: badrequest(); break;
}

function maybe_login() {
	global $mm;
	$uid = $mm->isLoggedIn();
	if ($uid===false) {
		login();
	} else {
		$mm->header('Authentication');
		$t = $mm->template();
		
		$username = $mm->getUsername($uid);
		
		$t->openTag('div',array('class'=>'login'));
		$t->text("Logged in as ".htmlentities($username).'.');
		$t->logout_button('Logout');
		$t->closeTag('div');
		
		$mm->footer();
	}
}

function login() {
	include(VIEWPATH.'/pages/auth/login.php');
}

function logout() {
	global $mm;
	$t = $mm->template();
	
	$mm->logout();
	
	$mm->header('Authentication');
	$t->paragraph('Logged out');
	$mm->footer();
}

function badrequest() {
	global $mm;
	$mm->status('400 Bad Request');
	$t = $mm->template();
	
	$mm->header('Authentication');
	$t->paragraph('The recieved POST request was malformed/invalid. '.
	              'If you got here from a link, this is a bug; '.
	              'Let the admin know.'.
	              'If you got here from outside, then the API is being '.
	              'missused.');
	$mm->footer();
}