local crypto = require("ssso_crypto")
local login  = require("ssso_login")
local nginx  = require("ssso_nginx")

local function get_session()
  local profile, jws, tslimit
  local user, password = nginx.get_basic_auth()

  if user and password then
    profile = login.check_credentials_and_get_profile(user, password)
    if profile then
      jws, tslimit = crypto.get_jws_and_tslimit(profile)
    end
  end

  if not profile then
    local cookie = nginx.get_jws_cookie()
    if not cookie or cookie == "" then
      return nil, 401
    end
    profile, jws, tslimit = crypto.get_profile_and_new_jws(cookie)
  end

  if profile then
    nginx.set_jws_cookie(jws, tslimit)
    return profile, 200
  else
    return nil, 403
  end
end


return {
  get_session = get_session,
}