# -*- coding: utf-8 -*-
#= AuthenticatedSystem の携帯対応用モジュール
# Authors:: 　Tetsushi OHKI
# Copyright:: Copyright (C) OrbusNeich Medical K.K.  2010.
#--
# date        name                   note
# 2010.3.31   Tetsushi OHKI          新規作成
#-------------------------------------------------------------------------------
#++
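# Mobile-handset additions to AuthenticatedSystem: session login that also
# honours the user's invalid flag, plus login by carrier subscriber ID (uid).
#
# NOTE(review): every method below is defined with public visibility. If the
# including class is a controller and a catch-all ":controller/:action" route
# is enabled, public methods can be dispatched as actions. Confirm the routing
# setup, or mark them protected/hidden in the including class.
module MobileAuthenticatedSystem
  # Restores the current user from the session.
  #
  # A user is accepted only when all of the following hold:
  # * session[:user_id] is set,
  # * exactly one User row has session_id equal to the current request's
  #   session id and invalid_flag_code equal to MCODE_FLAG_OFF,
  # * that row's id equals session[:user_id].
  # In every other case current_user is set to false.
  #
  # Returns the value assigned to current_user (the User, or false).
  def login_from_session
    # Look up by session id rather than by user id: the point of the check is
    # that the session id identifies one, and only one, valid user.
    candidates = nil
    if session[:user_id]
      candidates = User.find(:all, :conditions => [" session_id = ? AND invalid_flag_code = ? ", request.session_options[:id], Comm::Const::MasterCode::MCODE_FLAG_OFF])
    end

    matched = candidates && candidates.length == 1 && candidates.first.id == session[:user_id]
    self.current_user = matched ? candidates.first : false
  end

  # Hook run when the module is included; defines the mobile-aware methods
  # directly on the including class so they override same-named methods there.
  def self.included(recipient)
    recipient.class_eval do
      # include AuthenticatedSystem

      docomo_guid  # append guid=ON for docomo handsets

      # Returns the logged-in user, trying each login source once.
      # Mobile requests additionally try the subscriber-ID (uid) login.
      # Returns nil when a previous attempt already settled on "not logged in"
      # (@current_user == false).
      def current_user
        return if @current_user == false

        @current_user ||= if request.mobile
          login_from_session || login_from_uid || login_from_basic_auth || login_from_cookie
        else
          login_from_session || login_from_basic_auth || login_from_cookie
        end
      end

      # Logs in by matching the handset's subscriber ID against stored uids.
      # Does nothing (returns nil) when the request is not from a mobile
      # handset or carries no subscriber ID.
      #
      # NOTE(review): the subscriber ID is taken from the incoming request, so
      # it is only as trustworthy as the path the request arrived on. Confirm
      # that requests reaching this code are restricted to the carriers'
      # gateway address ranges (presumably request.mobile comes from jpmobile,
      # which offers request.mobile.valid_ip? for this; verify) before the uid
      # is treated as a credential.
      def login_from_uid
        carrier = request.mobile
        uid = carrier && carrier.ident_subscriber
        self.current_user = User.authenticate_by_uid(uid) if uid
      end

      # Records the handset uid on the current user when new_uid_flag is
      # truthy (params[:remember_me] == "1" at the call site), otherwise
      # clears any stored uid. No-op when nobody is logged in.
      def handle_remember_uid!(new_uid_flag)
        return unless @current_user

        if new_uid_flag
          # request.mobile is nil for non-mobile requests (current_user and
          # logout_keeping_session! both test it), so guard before asking it
          # for the subscriber ID.
          carrier = request.mobile
          uid = carrier && carrier.ident_subscriber
          @current_user.remember_uid(uid) if uid
        else
          @current_user.forget_uid
        end
      end

      # Logs the user out but keeps the session itself; on mobile requests the
      # stored uid is removed as well, so uid login does not sign the user
      # straight back in.
      def logout_keeping_session!
        # Kill server-side auth cookie
        @current_user.forget_me if @current_user.is_a? User
        @current_user = false     # not logged in, and don't do it for me
        kill_remember_cookie!     # Kill client-side auth cookie
        # Must run before session[:user_id] is cleared below.
        user = User.find_by_id(session[:user_id])
        user.forget_uid if user && request.mobile
        session[:user_id] = nil   # keeps the session but kill our variable
        # explicitly kill any other session variables you set
      end

    end
  end
end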
