module PowerTools::ActionController::Login
  
  def self.included(base)
    base.extend ControllerMethods
    base.send :helper, PowerTools::ActionController::Login::Helper
    base.hide_action(:logged_in_user)
  end
  
  module ControllerMethods
    def login_required(options={})
      before_filter :require_login, options
    end
  end
  
  module Helper
    def logged_in_user
      controller.logged_in_user
    end
  end
  
  def logged_in_user
    @logged_in_user ||= (user_from_session || user_from_http_basic)
  end
  
  protected
  
  def login_from_cookie
    return unless cookies[:auth] && logged_in_user.nil?
    user = User.find_by_remember_token(cookies[:auth])
    if user && user.remember_token_valid?
      user.remember_me!
      @logged_in_user = user
      session[:login] = user.id
      cookies[:auth] = { :value => user.remember_token, :expires => user.remember_until }
    end
  end
  
  def record_destination
    session[:destination] = request.request_uri
  end
  
  def access_denied(message)
    record_destination
    flash[:info] = message
    redirect_to new_session_url
    return false
  end
  
  def require_login  
    unless logged_in_user
      access_denied 'Please log in'
    end
  end
  
  private
  
  def user_from_session
    User.find(session[:login]) if session[:login]
  rescue ActiveRecord::RecordNotFound
    nil
  end
  
  def user_from_http_basic
    authenticate_with_http_basic { |u, p| User.authorize(u, p) } || nil 
  end
end