Improved login and prepared logout

Change-Id: I29e7c3752682e1016cbbd861ac1c1c3dd64964ab
diff --git a/dev/scss/header/header.scss b/dev/scss/header/header.scss
index 5d366db..98201e3 100644
--- a/dev/scss/header/header.scss
+++ b/dev/scss/header/header.scss
@@ -114,6 +114,9 @@
     > a.login::after {
       content: $fa-login;
     }
+    > a.logout::after {
+      content: $fa-logout;
+    }
   }
 
   #vc-view > div {
diff --git a/kalamar.dict b/kalamar.dict
index 16968ec..0dafc51 100644
--- a/kalamar.dict
+++ b/kalamar.dict
@@ -22,6 +22,7 @@
     },
     about => 'Über KorAP',
     login => 'Anmelden',
+    logout => 'Abmelden',
     register => 'Registrieren',
     pwdforgotten => 'Password vergessen?',
     searchjob => '»<%== $q %>« <% if (param("collection-name")) { %>in »<%== param("collection-name") %>«<% } elsif (param("collection")) { %>im definierten Korpus<% } %> mit <%== loc("QL_" . $ql, "unbekannter Anfragesprache") %>',
@@ -52,6 +53,11 @@
     },
     template => {
       intro => 'de/intro'
+    },
+    Auth => {
+      loginSuccess => 'Anmeldung erfolgreich',
+      loginFail => 'Anmeldung fehlgeschlagen',
+      logoutSuccess => 'Abmeldung erfolgreich'
     }
   },
   -en => {
@@ -65,6 +71,7 @@
     },
     about => 'About KorAP',
     login => 'Login',
+    logout => 'Abmelden',
     register => 'Register',
     pwdforgotten => 'Password forgotten?',
     go => 'Go!',
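Review bot: The English dictionary gets `logout => 'Abmelden'`, which is the German label copied from the `-de` block in the previous hunk, so the English header would show a German word next to `login => 'Login'`. This should read `logout => 'Logout',`. The German entry itself is fine.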
@@ -97,6 +104,11 @@
       cosmas2 => 'Cosmas II',
       annis => 'Annis QL',
       cql => 'CQL v1.2'
+    },
+    Auth => {
+      loginSuccess => 'Login successful',
+      loginFail => 'Access denied',
+      logoutSuccess => 'Logout successful'
     }
   }
 };
diff --git a/lib/Kalamar.pm b/lib/Kalamar.pm
index c35ed27..0bd2252 100644
--- a/lib/Kalamar.pm
+++ b/lib/Kalamar.pm
@@ -133,6 +133,7 @@
 
       if ($c->session('auth')) {
         $c->stash(auth => $c->session('auth'));
+        $c->stash(user => $c->session('user'));
       };
       return 1;
     }
@@ -165,7 +166,7 @@
   # User Management
   my $user = $r->any('/user')->to(controller => 'User');
   $user->post('/login')->to(action => 'login')->name('login');
-#  $r->get('/logout')->to(action => 'logout')->name('logout');
+  $user->get('/logout')->to(action => 'logout')->name('logout');
 #  $r->any('/register')->to(action => 'register')->name('register');
 #  $r->any('/forgotten')->to(action => 'pwdforgotten')->name('pwdforgotten');
 
diff --git a/lib/Kalamar/Apps/test_backend.pl b/lib/Kalamar/Apps/test_backend.pl
index aeb0860..a887b59 100644
--- a/lib/Kalamar/Apps/test_backend.pl
+++ b/lib/Kalamar/Apps/test_backend.pl
@@ -2,7 +2,7 @@
 use Mojolicious::Lite;
 use Mojo::ByteStream 'b';
 use Mojo::Date;
-use Mojo::JSON qw/true false/;
+use Mojo::JSON qw/true false encode_json/;
 use strict;
 use warnings;
 use Mojo::JWT;
@@ -13,7 +13,7 @@
 
 helper jwt => sub {
   shift;
-  Mojo::JWT->new(
+  return Mojo::JWT->new(
     secret => 's3cr3t',
     token_type => 'api_token',
     expires => Mojo::Date->new(time + (3 * 34 * 60 * 60)),
@@ -125,6 +125,7 @@
 };
 
 
+
 ############
 # Auth API #
 ############
@@ -148,7 +149,6 @@
   # Decode header
   my ($username, $pwd) = @{b($auth)->b64_decode->split(':')->to_array};
 
-
   # the password is 'pass'
   if ($pwd) {
 
@@ -156,7 +156,18 @@
     if ($pwd eq 'pass') {
 
       # Render info with token
-      return $c->render($c->jwt(username => $username));
+      my $jwt = $c->jwt(username => $username);
+
+      # Render in the Kustvakt fashion:
+      return $c->render(
+        format => 'html',
+        text => encode_json({
+          %{$jwt->claims},
+          expires    => $jwt->expires,
+          token      => $jwt->encode,
+          token_type => 'api_token'
+        })
+      );
     };
 
     return $c->render(
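Review bot: The token payload is rendered with `format => 'html'` and `text => encode_json(...)`, so the client receives a JSON body under a text/html content type, which a JSON-aware client (and the Mojo::UserAgent in KalamarUser.pm) will not decode automatically. Unless the real Kustvakt backend really answers with text/html, which the "Kustvakt fashion" comment may be hinting at, `return $c->render(json => { %{$jwt->claims}, expires => $jwt->expires, token => $jwt->encode, token_type => 'api_token' });` gives the same body with the correct application/json type. The route handler this sits in starts before the hunk.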
diff --git a/lib/Kalamar/Controller/User.pm b/lib/Kalamar/Controller/User.pm
index b80aec0..636f4c3 100644
--- a/lib/Kalamar/Controller/User.pm
+++ b/lib/Kalamar/Controller/User.pm
@@ -11,7 +11,7 @@
   $v->required('pwd', 'trim');
 
   if ($v->has_error) {
-    $c->notify(error => 'Login fail');
+    $c->notify(error => $c->loc('Auth_loginFail'));
   }
 
   # Login user
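Review bot: A validation failure only notifies and then falls through to the `# Login user` call with the failed parameters, and the new `else` branch in the next hunk notifies `Auth_loginFail` a second time, so one bad form submission produces two "Access denied" messages. Ending the `if ($v->has_error)` block with `return $c->redirect_to('index');` reports the failure once and keeps invalid input out of `$c->user->login`. The `login` sub begins before this hunk.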
@@ -19,20 +19,39 @@
     $v->param('handle_or_email'),
     $v->param('pwd')
   )) {
-    $c->notify(success => 'Login successful!');
+    $c->notify(success => $c->loc('Auth_loginSuccess'));
+  }
+
+  else {
+    $c->notify(error => $c->loc('Auth_loginFail'));
   };
 
   # Set flash for redirect
   $c->flash(handle_or_email => $v->param('handle_or_email'));
 
   # Redirect to slash
-  return $c->redirect_to('/');
+  return $c->redirect_to('index');
 };
 
+
+# Logout of the session
 sub logout {
-  shift->user->logout;
+  my $c = shift;
+
+  # Log out of the system
+  if ($c->user->logout) {
+    $c->notify('success', $c->loc('Auth_logoutSuccess'));
+  }
+
+  # Something went wrong
+  else {
+    $c->notify('error', $c->loc('Auth_logoutFail'));
+  };
+  return $c->redirect_to('index');
 };
 
+
+
 sub register {
   my $c = shift;
   $c->render(json => {
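Review bot: `$c->loc('Auth_logoutFail')` in the new `logout` sub refers to a key that neither the `-de` nor the `-en` `Auth` block added to kalamar.dict defines (they carry only `loginSuccess`, `loginFail` and `logoutSuccess`), so the error branch would render an unresolved key; add `logoutFail => 'Abmeldung fehlgeschlagen'` / `logoutFail => 'Logout failed'` to the two dictionaries. As of this commit the branch is also unreachable, because the `user.logout` helper in KalamarUser.pm now ends with `return 1;` regardless of what the server answered. For consistency with the `notify(success => ...)` calls in `login`, the fat-comma form `$c->notify(success => $c->loc('Auth_logoutSuccess'));` reads better than `notify('success', ...)`.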
@@ -40,6 +59,8 @@
   });
 };
 
+
+
 sub pwdforgotten {
   my $c = shift;
   $c->render(json => {
diff --git a/lib/Kalamar/Plugin/KalamarUser.pm b/lib/Kalamar/Plugin/KalamarUser.pm
index cb4f0be..f951f0f 100644
--- a/lib/Kalamar/Plugin/KalamarUser.pm
+++ b/lib/Kalamar/Plugin/KalamarUser.pm
@@ -54,10 +54,11 @@
     'user.ua' => sub {
       my $c = shift;
       my $auth = $c->user_auth;
-      my $client = $c->req->headers->header('X-Forwarded-For');
 
       return $plugin->ua unless $auth;
 
+      my $client = $c->req->headers->header('X-Forwarded-For');
+
       my $ua = Mojo::UserAgent->new;
 
       # Set app to server
@@ -126,6 +127,8 @@
 
         $mojo->log->debug(qq!Login successful: "$user" with "$auth"!);
 
+        $user = $jwt->{username} ? $jwt->{username} : $user;
+
         # Set session info
         $c->session(user => $user);
         $c->session(auth => $auth);
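Review bot: The username taken from the token is assigned only after the debug line above has already logged `$user`, so the log records the submitted handle while the session may store a different canonical name; moving the assignment ahead of `$mojo->log->debug(...)` keeps the two consistent. The ternary is the long form of `$user = $jwt->{username} || $user;` (`||` keeps the same truthiness test; `//` would behave differently for a username of "0"). If `$auth` in that debug line holds the credential or token string, writing it to the log even at debug level is worth reconsidering. Where `$jwt` is decoded lies outside the hunk.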
@@ -248,14 +251,22 @@
       my $c = shift;
 
       # TODO: csrf-protection!
-      # TODO: REVOKE ON THE SERVER ONCE SUPPORTED!
+
+      my $url = Mojo::URL->new($plugin->api);
+      $url->query('/auth/logout');
+
+      # Receive value from server
+      my $return_value = $c->user->ua->get($url);
+
+      # TODO:
+      #   Do something with value
 
       # Clear cache
       $c->chi('user')->remove($c->user_auth);
 
       # Expire session
       $c->session(expires => 1);
-      return $c->redirect_to('index');
+      return 1;
     }
   );
 };
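Review bot: `$url->query('/auth/logout')` sets the query string of the API URL rather than its path, so the request goes to `<api>?/auth/logout` instead of the logout endpoint; `Mojo::URL->path` merges a relative string into the existing path, so `my $url = Mojo::URL->new($plugin->api)->path('auth/logout');` is what is meant here, assuming `$plugin->api` is the base URL with a trailing slash. The response stored in `$return_value` is then discarded and the helper unconditionally returns 1, so the controller's logout-failure branch can never fire even when the server rejects the revocation. Keeping the transaction as `my $tx = $c->user->ua->get($url);` and ending with `return $tx->res->code == 200 ? 1 : 0;` (or whatever success code the backend uses) lets the caller report the outcome while the local cache and session are still cleared. The helper's sub begins before this hunk.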
diff --git a/t/remote_user.t b/t/remote_user.t
index 5e23b95..d904fb7 100644
--- a/t/remote_user.t
+++ b/t/remote_user.t
@@ -11,9 +11,6 @@
 $t->get_ok('/')
   ->element_exists('form[action=/user/login] input[name=handle_or_email]');
 
-#$t->post_ok('/user/login' => form => { handle_or_email => 'test' })
-#  ->status_is(302);
-
 $t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'fail' })
   ->status_is(302)
   ->header_is('Location' => '/');
@@ -24,6 +21,17 @@
   ->element_exists('input[name=handle_or_email][value=test]')
   ;
 
+$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'pass' })
+  ->status_is(302)
+  ->header_is('Location' => '/');
+
+$t->get_ok('/')
+  ->status_is(200)
+  ->element_exists_not('div.notify-error')
+  ->element_exists('div.notify-success')
+  ->text_is('div.notify-success', 'Login successful!')
+  ;
+
 
 done_testing;
 __END__
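Review bot: The new assertion `->text_is('div.notify-success', 'Login successful!')` expects the pre-change literal, but the controller now renders `$c->loc('Auth_loginSuccess')`, which the dictionary defines as 'Login successful' (en) / 'Anmeldung erfolgreich' (de), so this test will fail unless the notify text comes from elsewhere. Change it to `->text_is('div.notify-success', 'Login successful')`, assuming the test app resolves the English dictionary. A follow-up `$t->get_ok('/user/logout')->status_is(302)` would cover the route this commit enables.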
diff --git a/templates/layouts/main.html.ep b/templates/layouts/main.html.ep
index 519229e..7ddb283 100644
--- a/templates/layouts/main.html.ep
+++ b/templates/layouts/main.html.ep
@@ -37,10 +37,10 @@
       <button type="submit"><span><%= loc 'go' %></span></button>
     </div>
   % end
-  <ul>
-    <li><%= link_to loc('register') => 'register' %></li>
-    <li><%= link_to loc('pwdforgotten') => 'pwd_forgotten' %></li>
-  </ul>
+%#  <ul>
+%#    <li><%= link_to loc('register') => 'register' %></li>
+%#    <li><%= link_to loc('pwdforgotten') => 'pwd_forgotten' %></li>
+%#  </ul>
 </fieldset>
 % end
 % }
diff --git a/templates/partial/header.html.ep b/templates/partial/header.html.ep
index fdc25d6..a81aebc 100644
--- a/templates/partial/header.html.ep
+++ b/templates/partial/header.html.ep
@@ -1,11 +1,14 @@
 <header>
   <%= link_to 'index', class => 'logo', begin %><h1><span><%= title() // loc('korap_desc') %></span></h1><% end %>
   <div class="button top">
-<!--
-    <a href="#"
-       class="login"
-       title="<%= loc 'login' %>"><span><%= loc 'login' %></span></a>
--->
+
+% if (stash('user')) {
+   %# TODO: CSRF protection
+   <a href="<%= url_for 'logout' %>"
+      class="logout"
+      title="<%= loc 'logout' %>: <%= stash('user') %>"><span><%= loc 'logout' %></span></a>
+% };
+
   </div>
   <form autocomplete="off" action="<%= url_for 'index' %>" id="searchform">
     <div id="searchbar">
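Review bot: The logout link issues a plain GET to the `logout` route that Kalamar.pm now registers with `$user->get('/logout')`, with no token behind it, so any third-party page can end a user's session by embedding that URL; the `TODO: CSRF protection` here and in KalamarUser.pm acknowledge this. Rendering the link as a small `form_for 'logout'` with `%= csrf_field`, registering the route as `$user->post('/logout')`, and refusing requests where `$c->validation->csrf_protect->has_error('csrf_token')` is true closes the gap before the feature goes live. The `<%=` in the title attribute does escape `stash('user')`, so that part is fine.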