from turbogears import identity, visit
from model import User, VisitIdentity
from cherrypy import request

def login_by_cert():
    """Associate a user with current visit & identity based on certificates."""

    username = request.wsgi_environ.get('SSL_CLIENT_S_DN_Email',None)
    if not username:
        return
    email = username
    if username.lower().endswith('@mit.edu'):
        username = username.rsplit('@',1)[0]
    display_name = request.wsgi_environ.get('SSL_CLIENT_S_DN_CN',username)

    if hasattr(User, 'query'):
        user = User.query.get_by(user_name=username)
        if user is None:
            user = User(user_name=username,
                        email_address=email,
                        display_name=display_name)
            user.flush()
    else:
        from sqlobject import SQLObjectNotFound
        try:
            user = User.by_user_name(username)
        except SQLObjectNotFound:
            user = User(user_name=username,
                        email_address=email,
                        display_name=display_name)

    visit_key = visit.current().key
    if hasattr(VisitIdentity, 'query'):
        link = VisitIdentity.query.get(visit_key)
    else:
        from sqlobject import SQLObjectNotFound
        try:
            link = VisitIdentity.get(visit_key)
        except SQLObjectNotFound:
            link = None

    if not link:
        link = VisitIdentity(visit_key=visit_key, user_id=user.user_id)
        link.flush()
    else:
        link.user_id = user.user_id

    user_identity = identity.current_provider.load_identity(visit_key)
    identity.set_current_identity(user_identity)

def with_mit_certs(func):
    def certed(*args,**kw):
        login_by_cert()
        return func(*args,**kw)
    certed.__name__ = func.__name__
    certed.__dict__.update(func.__dict__)
    certed.__doc__ = func.__doc__
    certed.__module__ = func.__module__
    return certed