from crypt import crypt
import os
from pyramid.authentication import BasicAuthAuthenticationPolicy
from pyramid.authorization import ACLAuthorizationPolicy
from pyramid.config import Configurator
from pyramid.security import Authenticated, Allow, Everyone


def main(global_config, **settings):
    config = Configurator(settings=settings, authentication_policy=BasicAuthAuthenticationPolicy(htpasswd),
                          authorization_policy=ACLAuthorizationPolicy(), root_factory='bifrost.RootFactory')
    config.add_route('update', '/update')
    config.scan()
    return config.make_wsgi_app()


def htpasswd(username, password, request):
    settings = request.registry.settings
    file = settings['biforst.auth']
    if not os.path.isfile(file):
        return None
    users = {}
    with open(file) as f:
        for line in f:
            login, pwd = line.split(':')
            users[login] = pwd.rstrip('\n')
    if username in users and crypt(password, users[username]) == users[username]:
        return [Authenticated]
    return None


class RootFactory(object):
    @property
    def __acl__(self):
        acl = [(Allow, Authenticated, Authenticated)]
        return acl

    def __init__(self, request):
        pass