RichGuk (owner)

sessions.rb #
# Controller for logging in and out.
#
# The credential checks themselves are not in this class: `create` and
# `openid` sit behind the `ensure_authenticated` before-filter, so their
# bodies only run once that filter has let the request through.
class Sessions < Application

  before :ensure_authenticated, :only => [:create, :openid]

  # Renders the login form.
  def new
    render
  end

  # Target of the login form; reached only after ensure_authenticated passed.
  def create
    redirect_to_stored_location
  end

  # Target of the OpenID round trip; reached only after ensure_authenticated passed.
  def openid
    redirect_to_stored_location
  end

  # Logs the current user out: forgets the remember-me state on the user (if
  # there is one), removes the auth_token cookie, abandons the session and
  # redirects to the site root.
  def destroy
    current = session.user
    # NOTE(review): forget_me! presumably invalidates the stored remember token
    # server-side, so a copied auth_token cookie stops working - confirm in User.
    current.forget_me! unless current.nil?
    cookies.delete :auth_token
    session.abandon!
    redirect '/'
  end

  private

  # Redirects to the location remembered in session[:return_to] (falling back
  # to '/') and clears the stored value so it is used only once.
  #
  # NOTE(review): the redirect target is taken from the session as-is. Where
  # session[:return_to] is written is not visible here - confirm it can only
  # ever hold a same-site path, never a value copied from a request parameter.
  def redirect_to_stored_location
    destination = session[:return_to] || '/'
    session[:return_to] = nil
    redirect destination
  end

end
 
Text #
# Logs a user in from the remember-me cookie (auth_token).
class CookieLoginStrategy < ::Authentication::Strategy
  # Looks up the user whose remember_token equals the auth_token cookie.
  #
  # Returns the user when one is found and `remember_token?` is truthy,
  # otherwise nil. On success the cookie is written again with the user's
  # current token and expiry.
  def run!
    token = cookies[:auth_token]
    return nil unless token

    remembered = User.first(:remember_token => token)
    # NOTE(review): remember_token? presumably also rejects an expired token -
    # confirm in User, since nothing else here checks remember_token_expires_at.
    return nil unless remembered && remembered.remember_token?

    # The cookie is re-issued with the same token; nothing in this method
    # rotates it. NOTE(review): only :value and :expires are set - confirm the
    # framework's defaults for HTTPS-only / script-inaccessible cookies, because
    # this token on its own is enough to log in.
    cookies[:auth_token] = {
      :value   => remembered.remember_token,
      :expires => Time.parse(remembered.remember_token_expires_at.to_s)
    }
    remembered
  end
end
 
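# Logs a user in from the login/password form fields.
class PasswordStrategy < ::Authentication::Strategy
  # Authenticates params[:login] / params[:password] through User.authenticate.
  #
  # Returns whatever User.authenticate returned (the user on success), or nil
  # when either field is missing. When params[:remember_me] is "1" a remember
  # token is issued and stored in the auth_token cookie.
  #
  # Fix: the error message used to be recorded in the `else` of
  # `u && params[:remember_me] == "1"`, so a correct login without
  # "remember me" also left 'Username or password were incorrect' on the
  # session. The error is now recorded only when authentication fails.
  def run!
    return nil unless params[:login] && params[:password]

    u = User.authenticate(params[:login], params[:password])
    if u
      if params[:remember_me] == "1"
        u.remember_me
        expires = Time.parse(u.remember_token_expires_at.to_s)
        # NOTE(review): only :value and :expires are set - confirm the
        # framework's defaults for HTTPS-only / script-inaccessible cookies,
        # because CookieLoginStrategy accepts this token as the sole credential.
        cookies[:auth_token] = { :value => u.remember_token, :expires => expires }
      end
    else
      # One generic message for both "unknown login" and "wrong password", so
      # the response does not reveal which logins exist.
      controller.session.authentication.errors.clear!
      controller.session.authentication.errors.add(:login, 'Username or password were incorrect')
    end
    u
  end
end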
 
# Logs a user in through an OpenID provider.
#
# run! handles both halves of the exchange: starting a request when
# params[:openid_url] is present, and completing one when the provider's
# reply (params[:'openid.mode']) comes back.
class OpenIDStrategy < ::Authentication::Strategy
  # Returns the User whose identity_url matches a successfully verified
  # response. Returns nil after recording an :openid error for the
  # failure / setup_needed / cancel statuses or an OpenID::OpenIDError, and
  # nil when neither parameter is present. Throws :halt with a redirect when
  # the browser is sent to the provider or to the signup page.
  def run!
    # Replaces any previous errors with one :openid error and evaluates to nil.
    openid_failure = lambda do |message|
      controller.session.authentication.errors.clear!
      controller.session.authentication.errors.add(:openid, message)
      nil
    end

    if params[:'openid.mode']
      query = controller.request.send(:query_params)
      # NOTE(review): this URL (and the realm in the branch below) is assembled
      # from request.protocol / request.host. If host reflects the client's
      # Host header, consider pinning it to a configured site URL - confirm how
      # the framework derives it.
      current_url = "#{controller.request.protocol}#{controller.request.host}" + controller.request.path
      response = consumer.complete(query, current_url)

      case response.status.to_s
      when 'success'
        user = User.first(:identity_url => response.identity_url)
        if user
          # Any value of remember_me counts here, whereas the request branch
          # only forwards it when it equals '1'.
          if params[:remember_me]
            user.remember_me
            expires = Time.parse(user.remember_token_expires_at.to_s)
            cookies[:auth_token] = { :value => user.remember_token, :expires => expires }
          end
          user
        else
          # Unknown identity: stash what the provider sent and go to signup.
          # NOTE(review): email and nickname are provider-supplied SReg values;
          # signup should treat them as unverified prefill - confirm there.
          sreg_response = OpenID::SReg::Response.from_success_response(response)
          email = sreg_response.data['email']
          nickname = sreg_response.data['nickname']
          controller.session[:'openid.email'] = email unless email.nil?
          controller.session[:'openid.nickname'] = nickname unless nickname.nil?
          controller.session[:'openid.url'] = response.identity_url
          throw(:halt, controller.redirect(controller.url(:signup)))
        end
      when 'failure'
        openid_failure.call('OpenID verification failed, maybe the provider is down? Or the session timed out')
      when 'setup_needed'
        openid_failure.call('OpenID does not seem to be configured correctly')
      when 'cancel'
        openid_failure.call('OpenID rejected our request')
      end
    elsif identity_url = params[:openid_url]
      begin
        # NOTE(review): identity_url is the raw request parameter. Starting the
        # request presumably makes this server contact that URL for discovery,
        # so confirm outbound requests from this host are restricted.
        openid_request = consumer.begin(identity_url)
        sreg_request = OpenID::SReg::Request.new
        sreg_request.request_fields(['nickname', 'email'])
        openid_request.add_extension(sreg_request)
        openid_request.return_to_args['remember_me'] = '1' if params[:remember_me] == '1'
        realm = "#{controller.request.protocol}#{controller.request.host}"
        throw(:halt, controller.redirect(openid_request.redirect_url(realm, controller.absolute_url(:openid))))
      rescue OpenID::OpenIDError
        openid_failure.call('The OpenID verification failed')
      end
    end
  end

  protected
  # Memoized OpenID consumer backed by the session and a filesystem store
  # under "#{Merb.root}/tmp/openid".
  # NOTE(review): confirm that directory is not web-served and is writable
  # only by the application user.
  def consumer
    @consumer ||= OpenID::Consumer.new(controller.session, OpenID::Store::Filesystem.new("#{Merb.root}/tmp/openid"))
  end
end
 
# Reopens Authentication to define how a user is written to and read back
# from the session: only the user's id is stored.
class Authentication
  # Returns the value to keep in the session for +user+: its id, or nil when
  # there is no user.
  def store_user(user)
    user ? user.id : nil
  end

  # Loads the user for a value previously returned by store_user.
  # NOTE(review): presumably session_info is always the id stored above; the
  # lookup trusts whatever the session holds - confirm the session store is
  # integrity-protected.
  def fetch_user(session_info)
    User.get(session_info)
  end
end
Text #
#OpenID strategy needs:
 
require 'openid'
require 'openid/store/filesystem'
require 'openid/extensions/sreg'