#!/usr/bin/perl -w

use strict;
use warnings;
use CGI qw/escapeHTML/;;
use CGI::Auth::Flexible;
use URI;
use Data::Dumper;

#use Carp::Always;
$SIG{__DIE__} = sub { Carp::confess(@_) };

my $dump = "$ENV{'CAHTEST_HOME'}/dump";

my $verifier = CGI::Auth::Flexible->new_verifier(
    username_password_ok => sub { my ($c,$r,$u,$p)=@_; return $p eq 'sesame'; },
    encrypted_only => 0,
    promise_check_mutate => 1,
    dir => $dump,
);

END { $verifier->disconnect() if $verifier; }

my $q = CGI->new;

my $authreq = $verifier->new_request($q);

$authreq->check_ok() or exit;

my $cookie = $authreq->secret_cookie();
my $url = $q->url();
my $hiddenhtml = $authreq->secret_hidden_html();

print <<END;
Content-Type: text/html
Set-Cookie: $cookie

<html><head><title>TITLE</title></head>
<body><h1>H1</h1>
<h1>again</h1>

<h1>info<h1>
<pre>
END

my %vars = $q->Vars();
delete $vars{caf_assochash};

my $txt = Data::Dumper->Dump([$authreq->get_username(), $authreq->mutate_ok(),
                              $q->path_info(), \%vars],
                             [qw(username mutate_ok path params)]);
foreach my $l (split /\n/, $txt) {
    print escapeHTML($l),"\n";
}

print <<END;
</pre>
<form method="POST" action="$url">
$hiddenhtml
<input type="submit" name="test_cgi_sponges" value="Make sponges">
<input type="submit" name="test_cgi_worms" value="Make worms">
<input type="submit" name="caf_logout" value="Logout">
</form>
<form method="POST" action="$url/extra">
$hiddenhtml
<input type="submit" name="test_cgi_append" value="Append">
</form>
END