module Fiona7
  class SessionsController < ActionController::Base
    before_filter :load_login_page

    def create
      login, password = params[:login], params[:password]
      if valid_credentials?(login, password)
        rsession.user_name = login

        redirect_to true_root_path
      else
        flash[:error] = I18n.t(:"fiona7.invalid_credentails")
        begin
          redirect_to :back
        rescue ActionController::RedirectBackError
          redirect_to scrivito_path(@login_page)
        end
      end
    end

    def destroy
      rsession.destroy
      redirect_to true_root_path
    end

    protected
    def load_login_page
      @login_page = Fiona7LoginPage.instance || Scrivito::BasicObj.root
    end

    def true_root_path
      if Fiona7.mode == :standalone
        scrivito_root_path
      elsif Fiona7.mode == :legacy
        root_path
      else
        raise "Invalid Fiona7.mode = #{Fiona7.mode}"
      end
    end

    def valid_credentials?(login, password)
      Reactor::Sudo.su(Fiona7.root) do
        Reactor::Cm::User.new(login).has_password?(password)
      end
    end
  end
end