import urlparse

from formencode import htmlfill

from webob.exc import HTTPFound, HTTPBadRequest

from pylons.i18n.translation import _

from pylons.controllers.util import redirect

from pylons import request, session, tmpl_context as c, url

import kallithea.lib.helpers as h

from kallithea.lib.auth import AuthUser, HasPermissionAnyDecorator

from kallithea.lib.base import BaseController, log_in_user, render

from kallithea.lib.exceptions import UserCreationError

from kallithea.lib.utils2 import safe_str

from kallithea.model.db import User, Setting

from kallithea.model.forms import \

    LoginForm, RegisterForm, PasswordResetRequestForm, PasswordResetConfirmationForm

from kallithea.model.user import UserModel

from kallithea.model.meta import Session

log = logging.getLogger(__name__)

class LoginController(BaseController):

    def __before__(self):

        super(LoginController, self).__before__()

    def _validate_came_from(self, came_from):

        """Return True if came_from is valid and can and should be used"""

        if not came_from:

            return False

        parsed = urlparse.urlparse(came_from)

        server_parsed = urlparse.urlparse(url.current())

        allowed_schemes = ['http', 'https']

        if parsed.scheme and parsed.scheme not in allowed_schemes:

            log.error('Suspicious URL scheme detected %s for url %s',

                     parsed.scheme, parsed)

            return False

        if server_parsed.netloc != parsed.netloc:

            log.error('Suspicious NETLOC detected %s for url %s server url '

                      'is: %s' % (parsed.netloc, parsed, server_parsed))

            return False

        return True

    def index(self):

        c.came_from = safe_str(request.GET.pop('came_from', ''))

            came_from = url(c.came_from, **request.GET)

        else:

            c.came_from = came_from = url('home')

        not_default = self.authuser.username != User.DEFAULT_USER

        ip_allowed = AuthUser.check_ip_allowed(self.authuser, self.ip_addr)

        # redirect if already logged in

        if self.authuser.is_authenticated and not_default and ip_allowed:

            raise HTTPFound(location=came_from)

        if request.POST:

            # import Login Form validator class

            login_form = LoginForm()

            try:

                c.form_result = login_form.to_python(dict(request.POST))

                # form checks for username/password, now we're authenticated

                username = c.form_result['username']

                user = User.get_by_username(username, case_insensitive=True)

            except formencode.Invalid as errors:

                defaults = errors.value

                # remove password from filling in form again

                del defaults['password']

                return htmlfill.render(

                    render('/login.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

            except UserCreationError as e:

                # container auth or other auth functions that create users on

                # the fly can throw this exception signaling that there's issue

                # with user creation, explanation should be provided in

                # Exception itself

                h.flash(e, 'error')

            else:

                log_in_user(user, c.form_result['remember'],

                    is_external_auth=False)

                raise HTTPFound(location=came_from)

        return render('/login.html')

    @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',

                               'hg.register.manual_activate')

    def register(self):

        c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\

            .AuthUser.permissions['global']