local crypto = require("ssso_crypto")
local login  = require("ssso_login")
local nginx  = require("ssso_nginx")

local function get_session()
  local session, jws, tslimit
  local user, password = nginx.get_basic_auth()

  if user and password then
    session = login.check_credentials_and_get_profile(user, password)
    if session then
      jws, tslimit = crypto.get_jws_and_tslimit(session)
    end
  end

  if not session then
    local cookie = nginx.get_jws_cookie()
    if not cookie or cookie == "" then
      return nil, 401
    end
    session, jws, tslimit = crypto.get_data_and_new_jws(cookie)
  end

  if session then
    nginx.set_jws_cookie(jws, tslimit)
    return session, 200
  else
    return nil, 403
  end
end


return {
  get_session = get_session,
}