#!/usr/bin/perl

use strict;
use Config::IniFiles;
use DBI;

package rddb;


sub opendb
{
  my $RD_CONF = "/etc/rd.conf";
  my $cfg = Config::IniFiles->new(-file => $RD_CONF)
    or return (undef , 'ERROR', "Config File Error: " . join("\n", @Config::IniFiles::errors));

  my $dbhost = $cfg->val('mySQL', 'Hostname');
  my $dbname = $cfg->val('mySQL', 'Database');
  my $dbuser = $cfg->val('mySQL', 'Loginname');
  my $dbpasswd = $cfg->val('mySQL', 'Password');

  my $dbh = DBI->connect("DBI:mysql:$dbname:$dbhost","$dbuser","$dbpasswd")
    or return (undef, 'ERROR', "Database Error: " . $DBI::errstr);

  return ($dbh, 'OK', 'success');
}

sub closedb
{
  my $dbh = shift;
  $dbh->disconnect();
}

sub get_token
{
  my ($dbh, $username) = @_;

  my $sql = qq{select PASSWORD from USERS where LOGIN_NAME = ?;};
  my $sth = $dbh->prepare($sql)
    or return (undef, 'ERROR', "Database Error: " . $dbh->errstr);

  $sth->execute($username)
    or return (undef, 'ERROR', "Database Error: " . $sth->errstr);

  my ($token) = $sth->fetchrow_array;
  $sth->finish();

  unless(defined $token) {
    return (undef, 'ERROR', "user '" . $username . "' not known by rivendell")
  }
  return ($token, 'OK', 'success');
}

sub check_token
{
  my ($dbh, $username, $token) = @_;

  my $sql = qq{select PASSWORD from USERS where LOGIN_NAME = ?;};
  my $sth = $dbh->prepare($sql)
    or return (0, 'ERROR', "Database Error: " . $dbh->errstr);

  $sth->execute($username)
    or return (0, 'ERROR', "Database Error: " . $sth->errstr);

  my ($token_result) = $sth->fetchrow_array;
  $sth->finish();

  unless(defined $token_result) {
    return (0, 'ERROR', "user '" . $username . "' not known by rivendell")
  }
  
  if($token_result == $token) {
    return (1, 'OK', 'success');
  }
  return (0, 'ERROR', "wrong password");
}

return 1;