<?php defined('SYSPATH') or die('No direct access allowed.');

/**
 * LDAP Auth driver.
 *
 * @package    PLA
 * @subpackage Auth/LDAP
 * @category   Helpers
 * @author     Deon George
 * @copyright  (c) phpLDAPadmin Development Team
 * @license    http://dev.phpldapadmin.org/license.html
 */
class PLA_Auth_LDAP extends Auth {
	// Unnused required abstract functions
	public function password($username) {}
	public function check_password($password) {}

	// Overrides
	public function hash($str) {
		// Since this is used automatically to encrypted a password, we need to suppress that for LDAP
		if (! $this->_config['hash_key'])
			return $str;
		else
			return parent::hash($str);
	}

	/**
	 * Logs a user in.
	 *
	 * @param   string   username
	 * @param   string   password
	 * @param   boolean  enable autologin (not supported)
	 * @return  boolean
	 */
	protected function _login($user, $password, $remember) {
		if ( ! is_object($user)) {
			$username = $user;

			// Load the user
			// @todo Get the server ID
			$sid = 'default';

			$user = Database_LDAP::instance($sid)->select_db('user')->connect();
			$user->bind($username,$password);
		}

		// @todo Implement conditional logging based on memberships to groups or other criteria.
		// @todo This check of user being logged in needs to be better
		if (! $user->noconnect) {
			/*
			// @todo To implement
			if ($remember === TRUE) {
				// Token data
				$data = array(
					'user_id'=>$user->id,
					'expires'=>time()+$this->_config['lifetime'],
					'user_agent'=>sha1(Request::$user_agent),
				);

				// Create a new autologin token
				$token = ORM::factory('user_token')
					->values($data)
					->create();

				// Set the autologin cookie
				Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
			}
			*/

			// Finish the login
			$this->complete_login($user);

			return TRUE;
		}

		// Login failed
		return FALSE;
	}
}
?>