# -*- coding: utf-8 -*-
from functools import wraps
from flask import request, render_template, session
from random import randint
from Crypto.Cipher import AES


# from http://flask.pocoo.org/docs/patterns/viewdecorators/#templating-decorator
def templated(template=None):
    def decorator(f):
        @wraps(f)
        def decorated_function(*args, **kwargs):
            template_name = template
            if template_name is None:
                template_name = request.endpoint \
                    .replace('.', '/') + '.html'
            ctx = f(*args, **kwargs)
            if ctx is None:
                ctx = {}
            elif not isinstance(ctx, dict):
                return ctx
            return render_template(template_name, **ctx)
        return decorated_function
    return decorator


def login_user(username, password):
#    if not ldap_bind():
#        return False

    session['username'] = username
    session['password'] = encrypt_password(password)

    #ldap_unbind()

    return True


def logout_user():
    session.pop('username', None)
    session.pop('password', None)


def pad(s, numbytes=32, padding='\0'):
    return s + (numbytes - len(s) % numbytes) * padding

def encrypt_password(password):
    """
    Encrypt the given password with `config.PASSWORD_ENCRYPTION_KEY`.
    The key must be 32 bytes long.
    """
    assert len(app.config['PASSWORD_ENCRYPTION_KEY']) == 32

    iv = ''.join(chr(randint(0, 0xff)) for i in range(16))
    encryptor = AES.new(app.config['PASSWORD_ENCRYPTION_KEY'], AES.MODE_CBC, iv)
    return iv + encryptor.encrypt(pad(password))

def decrypt_password(ciphertext):
    """
    Decrypt the given password with `config.PASSWORD_ENCRYPTION_KEY`.
    """
    iv = ciphertext[:16]
    encryptor = AES.new(app.config['PASSWORD_ENCRYPTION_KEY'], AES.MODE_CBC, iv)
    return encryptor.decrypt(ciphertext[16:]).rstrip('\0')


def login_required(func):
    #TODO
    return func


# circular import
from app import app