<?php
// Own namespace
namespace Org\Mxchange\CoreFramework\Filter\Verifier\Password;

// Import framework stuff
use Org\Mxchange\CoreFramework\Filter\BaseFilter;
use Org\Mxchange\CoreFramework\Filter\Filterable;
use Org\Mxchange\CoreFramework\Factory\ObjectFactory;
use Org\Mxchange\CoreFramework\Registry\GenericRegistry;
use Org\Mxchange\CoreFramework\Request\Requestable;
use Org\Mxchange\CoreFramework\Response\Responseable;
use Org\Mxchange\CoreFramework\User\BaseUser;

/**
 * A concrete filter for validating the password. This filter may intercept
 * the filter chain if no password is given or the password is invalid
 *
 * @author		Roland Haeder <webmaster@shipsimu.org>
 * @version		0.0.0
 * @copyright	Copyright (c) 2007, 2008 Roland Haeder, 2009 - 2017 Core Developer Team
 * @license		GNU GPL 3.0 or any newer version
 * @link		http://www.shipsimu.org
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
class AccountPasswordVerifierFilter extends BaseFilter implements Filterable {
	/**
	 * Protected constructor
	 *
	 * @return	void
	 */
	protected function __construct () {
		// Call parent constructor
		parent::__construct(__CLASS__);
	}

	/**
	 * Creates an instance of this filter class
	 *
	 * @return	$filterInstance		An instance of this filter class
	 */
	public static final function createAccountPasswordVerifierFilter () {
		// Get a new instance
		$filterInstance = new AccountPasswordVerifierFilter();

		// Return the instance
		return $filterInstance;
	}

	/**
	 * Executes the filter with given request and response objects
	 *
	 * @param	$requestInstance	An instance of a class with an Requestable interface
	 * @param	$responseInstance	An instance of a class with an Responseable interface
	 * @return	void
	 * @throws	AccountPasswordMismatchException	If the account password does not match
	 * @throws	FilterChainException				If this filter fails to operate
	 * @todo	Rewrite handling of different password fields
	 */
	public function execute (Requestable $requestInstance, Responseable $responseInstance) {
		// Get password
		$password = $requestInstance->getRequestElement('pass_old');

		// Is the password still not set?
		if (is_null($password)) {
			// Get password from alternative location
			$password = $requestInstance->getRequestElement('password');

			// Is the password still not set?
			if (is_null($password)) {
				// Not found in form so stop the filtering process
				$requestInstance->requestIsValid(false);

				// Add a message to the response
				$responseInstance->addFatalMessage('password_unset');

				// Abort here
				throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
			} // END - if
		} // END - if

		if (empty($password)) {
			// Password is empty
			$requestInstance->requestIsValid(false);

			// Add a message to the response
			$responseInstance->addFatalMessage('password_empty');

			// Abort here
			throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
		} // END - if

		// Get a user instance
		$userInstance = GenericRegistry::getRegistry()->getInstance('user');

		// Get current hash
		$currentHash = $userInstance->getField('pass_hash');

		// Get an encryption helper and encrypt the password
		$passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $currentHash);

		// Does it match?
		if ($currentHash != $passHash) {
			// Throw an exception here to stop the proccessing
			throw new AccountPasswordMismatchException($this, BaseUser::EXCEPTION_USER_PASS_MISMATCH);
		} // END - if
	}

}