# -*- coding: utf-8 -*-
# this file is released under public domain and you can use without limitations

#########################################################################
## This is a sample controller
## - index is the default action of any application
## - user is required for authentication and authorization
## - download is for downloading files uploaded in the db (does streaming)
#########################################################################

@auth.requires_login()
def index():
    """
    default action of the application
    http://..../[app]/default/index
    only reached by logged-in users (enforced by @auth.requires_login());
    returns an empty dict
    """
    view_vars = {}
    return view_vars

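@auth.requires(request.args(0) in ("login", "change_password", "logout", "profile", ), requires_login=False)
def user():
    """
    authentication actions of the application

    the decorator condition only admits these sub-actions:
    http://..../[app]/default/user/login
    http://..../[app]/default/user/logout
    http://..../[app]/default/user/profile
    http://..../[app]/default/user/change_password
    any other first argument (register, retrieve_password, ...) fails the
    decorator condition and does not reach this body

    "login" is handled here with a custom form (email, password, otp token)
    whose validators come from the otp module; every other admitted
    sub-action is delegated to auth()

    use @auth.requires_login()
        @auth.requires_membership('group name')
        @auth.requires_permission('read','table name',record_id)
    to decorate functions that need access control

    NOTE(review): no attempt throttling is visible in this action; confirm
    that the otp validators or a front end limit repeated login attempts
    """
    if request.args(0) != "login":
        return dict(form=auth())

    from otp import IS_MY_OTP_TOKEN, IS_PASSWORD_VERIFIED
    form = SQLFORM.factory(
        Field("email"),
        Field("password", "password", requires=IS_PASSWORD_VERIFIED(request.vars.email, auth)),
        Field('otp_token', requires=IS_MY_OTP_TOKEN(request.vars.email, request.vars.password, auth))
    )
    if form.validate():
        if auth.login_bare(form.vars.email, form.vars.password):
            # _next arrives with the request, so it is untrusted: only a
            # same-site absolute path is followed. Anything else (missing,
            # repeated, another host, scheme-relative, backslash or control
            # characters) falls back to the configured post-login page.
            target = request.vars._next
            is_local = (
                isinstance(target, str)
                and target.startswith("/")
                and not target.startswith("//")
                and "\\" not in target
                and not any(ord(ch) < 0x20 for ch in target)
            )
            redirect(target if is_local else auth.settings.login_next)
        else:
            account = db(db.auth_user.email==form.vars.email).select().first()
            # first() returns None when no row matches; guard before reading
            # registration_key so a missing record does not raise
            if account and account.registration_key:
                response.flash = T("Warning! Your account is %s. Please contact the administrator.") % account.registration_key

    return dict(form=form)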


@cache.action()
def download():
    """
    serves files that were uploaded into the db (does streaming)
    http://..../[app]/default/download/[filename]

    NOTE(review): unlike index, this action carries no @auth decorator, so
    any access restriction on uploaded files presumably has to come from an
    authorize callback on the upload field - confirm against the models.
    NOTE(review): @cache.action() with default arguments is understood to
    emit public client-side caching headers; verify that is acceptable for
    files that are not meant to be shared.
    """
    streamed = response.download(request, db)
    return streamed


def call():
    """
    entry point for exposed services. for example:
    http://..../[app]/default/call/jsonrpc
    decorate with @services.jsonrpc the functions to expose
    supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv

    NOTE(review): this action applies no access control itself; any
    restriction presumably has to be placed on this action or on the
    individual service functions - confirm where they are defined.
    """
    result = service()
    return result
