from django.contrib.auth import logout
from django.http import HttpResponseRedirect
from django.conf import settings
from django.core.urlresolvers import reverse
from django.contrib.auth.views import login


def fedlogin(request):
    user = request.user

    if user.is_authenticated():

        first_name = request.META.get('HTTP_GIVENNAME').decode('utf-8')
        last_name = request.META.get('HTTP_SN').decode('utf-8')
        email = request.META.get('HTTP_MAIL').decode('utf-8')
        affiliations = request.META.get('HTTP_AFFILIATION', '').decode('utf-8').split(';')

        if first_name:
            user.first_name = first_name
        if last_name:
            user.last_name = last_name
        if email:
            user.email = email
        user.is_staff = 'employee@nordu.net' in affiliations
        user.is_active = 'employee@nordu.net' in affiliations or 'member@nordu.net' in affiliations
        if user.password == "":
            user.password = "(not used for federated logins)"
        user.save()

    _next = request.GET.get('next')
    if _next:
        return HttpResponseRedirect(_next)
    else:
        return HttpResponseRedirect(reverse(login))


def fedlogout(request):
    logout(request)
    url = getattr(settings, 'FEDERATE_LOGOUT_URL', '/Shibboleth.sso/Logout')
    return HttpResponseRedirect(url)