<?php defined('SYSPATH') or die('No direct access allowed.');

/**
 * This class provides login capability
 *
 * @package    OSB
 * @category   Controllers
 * @author     Deon George
 * @copyright  (c) 2009-2013 Open Source Billing
 * @license    http://dev.osbill.net/license.html
 * @also       [logout]
 */
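class Controller_Login extends lnApp_Controller_Login {
	/**
	 * Enable site registration
	 *
	 * Registration is not implemented yet. A signed-in user is redirected to
	 * welcome/index and everybody else to the login page.
	 *
	 * @todo Needs to be written
	 */
	public function action_register() {
		// If user already signed-in
		// NOTE(review): the fall-through below relies on HTTP::redirect() ending
		// the request (Kohana 3.3 throws a redirect exception) - confirm.
		if (Auth::instance()->logged_in())
			HTTP::redirect('welcome/index');

		HTTP::redirect('login');
	}

	/**
	 * Enable user password reset
	 *
	 * GET (or an empty POST) renders the reset request form. A POST with a
	 * username creates a Module_Method_Token for account/user:resetpassword
	 * (limited by uses(2) and an expiry of $token_expire minutes) and emails it
	 * with the account_reset_password template. A POST carrying only a token is
	 * redirected to account/resetpassword, where the token is validated.
	 *
	 * The "reset sent" page is rendered whenever a username was posted, whether
	 * or not it matched an account, so the page itself does not reveal which
	 * usernames exist.
	 *
	 * NOTE(review): no throttling is visible in this action; every POST naming a
	 * valid username generates a token and sends an email. Confirm that the
	 * parent controller or Module_Method_Token rate-limits requests.
	 * NOTE(review): the email is sent synchronously on the valid-username path
	 * only, so response time may still differ between known and unknown
	 * usernames - consider queueing the send.
	 */
	public function action_reset() {
		// Minutes to keep our token
		$token_expire = 15;

		// If user already signed-in
		if (Auth::instance()->logged_in())
			HTTP::redirect('welcome/index');

		// If the user posted their details to reset their password
		if ($_POST) {
			// Request parameters can arrive as arrays (eg: "username[]=x"). Only plain
			// strings are used, so an array never reaches the ORM lookup or the redirect URL.
			$username = (isset($_POST['username']) AND is_string($_POST['username'])) ? $_POST['username'] : '';
			$token = (isset($_REQUEST['token']) AND is_string($_REQUEST['token'])) ? $_REQUEST['token'] : '';

			// If the username is correct, create a method token
			if (! empty($username) AND ($ao=ORM::factory('Account',array('username'=>$username))) AND $ao->loaded()) {
				$mmto = ORM::factory('Module_Method_Token')
					->method(array('account','user:resetpassword'))
					->account($ao)
					->uses(2)
					->expire(time()+$token_expire*60);

				if ($mmto->generate()) {
					// Send our email with the token
					// @todo Need to provide an option if Email_Template is not installed/activated.
					// @todo Need to provide an option if account_reset_password template doesnt exist.
					$et = Email_Template::instance('account_reset_password');
					$et->to = array('account'=>array($mmto->account_id));
					$et->variables = array(
						'SITE'=>URL::base(TRUE,TRUE),
						'SITE_ADMIN'=>Company::instance()->admin(),
						'SITE_NAME'=>Company::instance()->name(),
						'TOKEN'=>$mmto->token,
						'TOKEN_EXPIRE_MIN'=>$token_expire,
						'USER_NAME'=>sprintf('%s %s',$mmto->account->first_name,$mmto->account->last_name),
					);
					$et->send();

					// Log the password reset
					$ao->log('Password reset token sent');
				}

			// Redirect to our password reset, the Auth will validate the token.
			} elseif (! empty($token)) {
				// The token is user supplied, so it is percent-encoded before being placed in
				// the query string; otherwise characters such as "&" or "#" would add or
				// truncate parameters on the redirect target.
				// NOTE(review): a token in the query string can end up in access logs and
				// Referer headers - the short expiry and use limit above bound that exposure.
				HTTP::redirect(URL::link('user','account/resetpassword?token='.rawurlencode($token)));
			}

			// Show our token screen even if the username was invalid, so the response
			// does not disclose whether the account exists.
			if (isset($_POST['username']))
				$output = View::factory('pages/login_reset_sent');

			else
				HTTP::redirect('login');

		} else {
			$output = View::factory('pages/login_reset');
		}

		Style::factory()
			->type('file')
			->data('media/theme/baseadmin/css/pages/login.css');

		$this->template->content = $output;
		$this->template->shownavbar = FALSE;
	}
}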
?>