1 files changed, 57 insertions, 0 deletions

diff --git a/apps/um/controllers/Authenticator.class.php b/apps/um/controllers/Authenticator.class.php
new file mode 100644
index 0000000..0c1bf0c
--- /dev/null
+++ b/apps/um/controllers/Authenticator.class.php
@@ -0,0 +1,57 @@
+<?php
+require_once('Login.class.php');
+require_once('Auth.class.php');
+
+Router::register('auth', 'Authenticator');
+
+class Authenticator extends Controller {
+	public function index($routed, $remainder) {
+		// If $_POST['action'] isn't set, it will trip on '', which is
+		// great, so we don't have to handle GET and PUT separately.
+		@$action = $_POST['action'];
+		switch ($action) {
+		case 'login' : $this->login(); break;
+		case 'logout': $this->logout(); break;
+		case ''      : $this->maybe_login(); break;
+		default      : $this->badrequest(); break;
+		}
+	}
+	private function login() {
+		$username = '';
+		$password = '';
+		
+		$login = -1;
+		if ( isset($_POST['username']) && isset($_POST['password'])) {
+			$username = $_POST['username'];
+			$password = $_POST['password'];
+			$login = Login::login($username, $password);
+		}
+		
+		$vars = array();
+		$vars['login_code'] = $login;
+		$vars['username'] = $username;
+		$vars['password'] = $password;
+		if (isset($_POST['url'])) {
+			$vars['url'] = $_POST['url'];
+		}
+		
+		$this->showView('auth/login', $vars);
+	}
+	private function logout() {
+		Login::logout();
+		$this->showView('auth/logout');
+	}
+	private function maybe_login() {
+		$uid = Login::isLoggedIn();
+		if ($uid===false) {
+			$this->login();
+		} else {
+			$username = Auth::getInstance($uid)->getName();
+			$this->showView('auth/index',
+			                array('username'=>$username));
+		}
+	}
+	private function badrequest() {
+		$this->showView('auth/badrequest');
+	}
+}