#!/usr/local/bin/ruby
# -*- coding: utf-8 -*-

require 'cgi'
require 'cgi/session'
require 'date'

class Auth

  attr_reader :title,:msg,:user,:pass,:lasttime,:expire,:cookie, :class

  def initialize(autologout=10)
    @title="ログインしてください"
    @cgi = CGI.new
    @msg="AA"+@cgi["submit"]+"BB"
    @autologout=autologout
    @class=""
  end

  def count(cgi,session)
    # セッションから値を取り出す。
    value = session['value']
    
    @msg="[#{value}]"
    value = "0" if value == nil # 初回アクセス時などデータが未設定の場合nilになる。
    @msg=@msg+";#{value}P"
    
    # 値を更新して記録する。
    value = (value.to_i + 1).to_s
    session['value'] = value
    "[[#{value}]]"

  end


  def getSess
      begin 
        @msg+="<b>-</b>"
        expire=Time.at(Time.now+120)
        @msg+="["+@cgi.cookies.to_s+"]"
        session = CGI::Session.new(@cgi, {"new_session"=>false,"session_expires"=>expire})
      rescue => e
        @msg+="<b>expired.</b>(#{e})"
        if !session 
          @msg+="!/"
        end
        nil
      end
  end

  def removeSess
    begin
      session = CGI::Session.new(@cgi, {"new_session" => false, "session_expires" => Time.now - 1})
      session.delete
    rescue => e
      @msg+="%%% "+e.to_s
    end
  end

  def execute
    if ( @cgi["logout"] == "logout" )
      @title="ログアウトしました"
      removeSess
      @msg="removed session."
    else
      expire=""

      session=getSess

      @cookie=[]
      @lasttime=""
      if session && session['lg'] then #ログイン済
        @lasttime=session["lasttime"]
        if(session["lasttime"] && (Time.now()-@lasttime > @autologout)) # タイムアウト自動ログアウト
          @msg+="<hr />TIMEOUT:"+" -_- "+@lasttime.to_s
          @title="タイムアウトでログアウトしました"
          sid=session.session_id
          session.delete
          @cookie=setcookie("_session_id",sid,Time.now-3600)
        else
          @msg+="<hr />not timeout"
          @msg=@msg+count(@cgi,session)
          @user=session['lg']
          session["lasttime"]=Time.now
          @title="Welcome [#{user}]"
          @class="authed"
        end
      else

        @user=@cgi["user"]
        @pass=@cgi["pass"]

        if(authPass(@user,@name))
          @title="Welcome //[#{@user}]"
          @msg+="ログイン成功しました,hello [#{@user}]"
          @class="loginok"
          removeSess

          expire=Time.at(Time.now+120)
          session = CGI::Session.new(@cgi, {"new_session"=>true,"session_expires"=>expire})
          @msg=@msg+count(@cgi,session)+"(( #{expire} ))" 
          session['lg']=@user # logged in
          session["lasttime"]=Time.now
          @lasttime=session["lasttime"]

          # POSTを捨てるためにGETで再描画
          @cgi.out{'<meta http-equiv="refresh" content="1; '+ENV["REQUEST_URI"]+'" />'}
          exit
        else
          @msg+="<b>incorrect ID or pass</b>"
          @msg+="not logged in"
        end
      end
    end
  end
  def authPass(user,name)
    user.size > 5
  end
  
  def setcookie(name,value,expires="")
    [
     CGI::Cookie.new({
                      "name" => name,
                      "value" => value,
                      'expires' => expires

                    })
    ]
  end
  
end


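# Run the login logic for this request, then render the page.
x=Auth.new
x.execute
# NOTE: this cookie list is built but never passed to the response below.
cookies = [
           CGI::Cookie.new({
                              "name" => 'count1',
                              "value" => (Time.now+3600).to_s,
                              'expires' => Time.now-3600
                            })
]
# x.user and x.pass are raw request parameters, so they are HTML-escaped here.
# x.msg carries intentional markup and x.title is interpolated as-is, so both
# must be escaped where Auth builds them.
# NOTE(review): the debug line still echoes the submitted password into the
# page; drop it before any real use.
s=<<-EOS
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="ja" xml:lang="ja">
<head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<title>UHA
</title>
<style type="text/css">
.loginok{background: #a84;}
.authed {background: #a33;}
</style>
<script type="text/javascript">
</script>
</head>
<body class="#{x.class}">
<h1>#{x.title}</h1>
<form action="." method="post">
<p>username<input type="text" name="user" /></p>
<p>password<input type="password" name="pass" /></p>
<input type="submit" value="login" />
</form>
<hr />
<form action="." method="post">
<input type="submit" name="logout" value="logout" />
</form>
<hr />
user[#{CGI.escapeHTML(x.user.to_s)}]/pass[#{CGI.escapeHTML(x.pass.to_s)}] || last:#{x.lasttime}<hr />
#{x.msg}<hr />
なう#{Time.now()}  || 
<hr />expire:#{x.expire}<hr />
<a href="./">..............</a>
</body>
</html>
EOS

c=CGI.new
c.out("cookie" => x.cookie){s}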
