Added user login support via JWT

Change-Id: I95dbbabfa50924b0b481961f7422bcab3708d45d
diff --git a/lib/Kalamar/Plugin/KalamarUser.pm b/lib/Kalamar/Plugin/KalamarUser.pm
new file mode 100644
index 0000000..a9ea947
--- /dev/null
+++ b/lib/Kalamar/Plugin/KalamarUser.pm
@@ -0,0 +1,142 @@
+package Kalamar::Plugin::KalamarUser;
+use Mojo::Base 'Mojolicious::Plugin';
+use Mojo::ByteStream 'b';
+
+has 'api';
+
+sub register {
+  my ($plugin, $mojo, $param) = @_;
+
+  # Load parameter from config file
+  if (my $config_param = $mojo->config('Kalamar')) {
+    $param = { %$param, %$config_param };
+  };
+
+  # Set API!
+  $plugin->api($param->{api}) or return;
+
+  # Get the user token necessary for authorization
+  $mojo->helper(
+    'user_auth' => sub {
+      my $c = shift;
+
+      # Get token from stash
+      my $token = $c->stash('auth');
+      return $token if $token;
+
+      # Set token to stash
+      $c->stash(auth => $c->session('auth'));
+      return $c->stash('auth');
+    }
+  );
+
+  # Login
+  $mojo->helper(
+    'user.login' => sub {
+      my $c = shift;
+      my ($user, $pwd) = @_;
+
+      return if index($user, ':') >= 0;
+
+      my $url = Mojo::URL->new($plugin->api)->path('auth/apiToken');
+      my $tx = $c->ua->get($url => {
+	Authorization => 'Basic ' . b($user . ':' . $pwd)->b64_encode
+      });
+
+      # Login successful
+      if (my $res = $tx->success) {
+	my $jwt = $res->json;
+
+	my $auth = $jwt->{token_type} . ' ' . $jwt->{token};
+
+	$mojo->log->debug(qq!Login successful: "$user" with "$auth"!);
+
+	# Set session info
+	$c->session(user => $user);
+	$c->session(auth => $auth);
+
+	$c->stash(user => $user);
+	$c->stash(auth => $auth);
+
+	# Set cache
+	$c->chi('user')->set($auth => $user);
+	return 1;
+      };
+
+      $mojo->log->debug(qq!Login fail: "$user"!);
+
+      return;
+    }
+  );
+
+  # Get details, settings etc. with authorization
+  $mojo->helper(
+    'user.get' => sub {
+      my $c = shift;
+      my $param = shift;
+
+      return unless $param =~ m/^details$/;
+
+      # The user may be logged in
+      my $auth = ($c->stash('auth') || $c->session('auth')) or return;
+
+      # Get namespaced cache
+      my $chi = $c->chi('user');
+
+      # Get user and check, if the user is real
+      my $user = $chi->get($auth);
+
+      # Check if the user is really logged in
+      my $value = $chi->get($user . '_' . $param);
+
+      unless ($value) {
+	$value = $plugin->get_authorized($auth, 'user/' . $param) or return;
+	$chi->set($user . '_' . $param => $value);
+      };
+
+      # Return value
+      return $value;
+    }
+  );
+
+
+  # Logout
+  $mojo->helper(
+    'user.logout' => sub {
+      my $c = shift;
+
+      # TODO: csrf-protection!
+      # TODO: REVOKE ON THE SERVER ONCE SUPPORTED!
+
+      # Clear cache
+      $c->chi('user')->remove($c->user_auth);
+
+      # Expire session
+      $c->session(expires => 1);
+      return $c->redirect_to('index');
+    }
+  );
+};
+
+
+# Issue an authorized request
+sub get_authorized {
+  my $plugin = shift;
+
+  my ($auth, $path) = @_;
+  my $url = Mojo::URL->new($plugin->api)->path($path);
+
+  # Get authorized
+  # TODO: REUSE USERAGENT
+  my $tx = Mojo::UserAgent->new->get($url => {
+    Authorization => $auth
+  });
+
+  return $tx->success ? $tx->success->json : undef;
+};
+
+
+1;
+
+
+__END__