(ns cookie-login
  (:use compojure))

(def *login-token-key* :login-token)
(def *login-token-expiry* (* 1000 60 60 24 7)) ; one week

(defn clear-login-token
  "Creates an expiration cookie for a given cookie name."
  [token-key]
  (set-cookie token-key "dummy"
              :expires "Thu, 01-Jan-1970 00:00:01 GMT"))


(defn handle-request-with-login-token
  "Validates login token, handles request, and updates cookies and session
  repository. If the token is invalid, the token cookie is expired."
  [handler request token-maker token-reader login-token-key login-token-expiry]
  (if-let [session-info (token-reader (get-in request 
                                              [:cookies login-token-key]))]
    (let [response (handler (merge-with merge
                                        request
                                        {:session session-info}))
          ; Session variable priority:
          ; 1) variables set by handler
          ; 2) variables from token-reader
          ; 3) variables from repository          
          session-map (merge (request :session)
                             session-info
                             (response :session))]
      (merge-with merge
                  response
                  {:session session-map}
                  (token-maker session-info)))
    (merge (handler request)
           (clear-login-token login-token-key))))

(defn with-cookie-login
  "Middleware to support automatic cookie login. Must be placed after 
   the with-session middleware.

   Must be given three arguments:
   - process-login-token?
        Function to apply to request map to determine whether to
        process login token or not. If a false value is returned,
        then the next handler is called without further processing.
   - token-maker:
        Function to generate new login token from session map.
   - token-reader:
        Function to generate session map from login token. Should return nil
        if login token is invalid.

   The following variables can be rebound:
   - *login-token-key*
        The cookie name to store the login-token under. 
        Defaults to 'login-token'.
        
   - *login-token-expiry*
        The number of milliseconds a login token is valid for.
        Defaults to one week."
  [handler process-login-token? token-maker token-reader]
  (let [login-token-key    *login-token-key*
        login-token-expiry *login-token-expiry*]
    (fn [request]
      (if (and (get-in request [:cookies login-token-key])
               (process-login-token? request))
        (handle-request-with-login-token
          handler
          request
          token-maker
          token-reader
          login-token-key
          login-token-expiry)
        (handler request)))))