#!/usr/bin/perl -Tw
#
# fs_session_server
#

use strict;
use vars qw( $opt $Debug );
use IO::Handle;
use Net::SSH qw(sshopen2);
use FS::UID qw(adminsuidsetup);
use FS::Record qw( qsearchs ); #qsearch );
#use FS::cust_main_county;
#use FS::cust_main;
use FS::session;
use FS::port;
use FS::svc_acct;

#require "configfile";
$Debug = 1;

my $user = shift or die &usage;
&adminsuidsetup( $user ); 

my $machine = shift or die &usage;

my $fs_sessiond = "/usr/local/sbin/fs_sessiond";

my $me = "[fs_session_server]";

while (1) {
  my($reader, $writer) = (new IO::Handle, new IO::Handle);
  $writer->autoflush(1);
  warn "$me Connecting to $machine\n" if $Debug;
  sshopen2($machine,$reader,$writer,$fs_sessiond);

  warn "$me Entering main loop\n" if $Debug;
  while (1) {
    warn "$me Reading (waiting for) data\n" if $Debug;
    my $command = scalar(<$reader>);
    chomp $command;
    #DoS protection here too, to protect against a compromised client?  *sigh*
    my %hash;
    while ( ( my $key = scalar(<$reader>) ) ne "END\n" ) {
      chomp $key;
      chomp( $hash{$key} = scalar(<$reader>) );
    }

    if ( $command eq 'login' ) {
      my $error = &login(\%hash);
      print $writer "$error\n";
    } elsif ( $command eq 'logout' ) {
      my $error = &logout(\%hash);
      print $writer "$error\n";
    } elsif ( $command eq 'portnum' ) {
      my $port;
      if ( exists $hash{'ip'} ) {
        $hash{'ip'} =~ /^([\d\.]+)$/ or $1='nomatch';
        $port = qsearchs('port', { 'ip' => $1 } );
      } else {
        $hash{'nasnum'} =~ /^(\d+)$/ and my $nasnum = $1;
        $hash{'nasport'} =~ /^(\d+)$/ and my $nasport = $1;
        $port = qsearchs('port', { 'nasnum'=>$nasnum, 'nasport'=>$nasport } );
      }
      print $writer ( $port ? $port->portnum : '' ), "\n";
    } else {
      warn "$me WARNING: unrecognized command: $command";
    }
  }
  #won't ever reach without code above to throw out of loop, but...
  close $writer;
  close $reader;
  warn "connection to $machine lost!\n";
  sleep 5;
  warn "reconnecting...\n";
}

sub login {
  my $href = shift;
  $href->{'username'} =~ /^([a-z0-9_\-\.]+)$/ or return "Illegal username";
  my $username = $1;
  my $svc_acct = qsearchs('svc_acct', { 'username' => $username } )
    or return "Unknown user";
  return "Incorrect password"
    if exists($href->{'password'})
       && $href->{'password'} ne $svc_acct->_password;
  my $session = new FS::session {
    'portnum' => $href->{'portnum'},
    'svcnum'  => $svc_acct->svcnum,
    'login'   => $href->{'login'},
  };
  $session->insert;
}

sub logout {
  my $href = shift;
  $href->{'username'} =~ /^([a-z0-9_\-\.]+)$/ or return "Illegal username";
  my $username = $1;
  my $svc_acct = qsearchs('svc_acct', { 'username' => $username } )
    or return "Unknown user";
  return "Incorrect password"
    if exists($href->{'password'})
       && $href->{'password'} ne $svc_acct->_password;
  my $session = qsearchs( 'session', {
    'portnum' => $href->{'portnum'},
    'svcnum'  => $svc_acct->svcnum,
    'logout'  => '',
  } );
  return "No currently open sessions found for that user/port!" unless $session;
  my $nsession = new FS::session ( { $session->hash } );
  warn "$nsession replacing $session";
  $nsession->replace($session);
}

sub usage {
  die "Usage:\n\n  fs_session_server user machine\n";
}