module Merb
  
  module Authentication
    require 'base64'
    
    def credentials
      if d = %w{REDIRECT_X_HTTP_AUTHORIZATION 
             X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION}.
             inject([]) { |d,h| @env.has_key?(h) ? @env[h].to_s.split : d }
        return Base64.decode64(d[1]).split(':')[0..1] if d[0] == 'Basic'
      end
    end
    
    def authenticated?
      username, password = *credentials
      username == Merb::Server.config[:basic_auth][:username] and password == Merb::Server.config[:basic_auth][:password]
    end
    
    def authenticate
      if !authenticated?
        throw :halt
      end
    end
      
    def self.included(base)
      base.class_eval do
        def filters_halted
          @status = 401
          @headers['Content-type'] = 'text/plain'
          @headers['Status'] = 'Unauthorized'
          @headers['WWW-Authenticate'] = "Basic realm=\"#{Merb::Server.config[:basic_auth][:domain]}\""
          return 'Unauthorized'
        end  
      end
    end
      
  end
  
end