%# BEGIN BPS TAGGED BLOCK {{{
%# 
%# COPYRIGHT:
%# 
%# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
%#                                          <jesse@bestpractical.com>
%# 
%# (Except where explicitly superseded by other copyright notices)
%# 
%# 
%# LICENSE:
%# 
%# This work is made available to you under the terms of Version 2 of
%# the GNU General Public License. A copy of that license should have
%# been provided with this software, but in any event can be snarfed
%# from www.gnu.org.
%# 
%# This work is distributed in the hope that it will be useful, but
%# WITHOUT ANY WARRANTY; without even the implied warranty of
%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
%# General Public License for more details.
%# 
%# You should have received a copy of the GNU General Public License
%# along with this program; if not, write to the Free Software
%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
%# 02110-1301 or visit their web page on the internet at
%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
%# 
%# 
%# CONTRIBUTION SUBMISSION POLICY:
%# 
%# (The following paragraph is not intended to limit the rights granted
%# to you to modify and distribute this software under the terms of
%# the GNU General Public License and is only of importance to you if
%# you choose to contribute your changes and enhancements to the
%# community by submitting them to Best Practical Solutions, LLC.)
%# 
%# By intentionally submitting any modifications, corrections or
%# derivatives to this work, or any other work intended for use with
%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
%# you are the copyright holder for those contributions and you grant
%# Best Practical Solutions,  LLC a nonexclusive, worldwide, irrevocable,
%# royalty-free, perpetual, license to use, copy, create derivative
%# works based on those contributions, and sublicense and distribute
%# those contributions and any derivatives thereof.
%# 
%# END BPS TAGGED BLOCK }}}
<%INIT>
if ($m->request_comp->path =~ '^/REST/\d+\.\d+/') {
    $r->content_type("text/plain");
    $m->error_format("text");
    $m->out("RT/$RT::VERSION 401 Credentials required\n");
    $m->out("\n$Error\n") if $Error;
    $m->abort;
}

my $req_uri;

if (UNIVERSAL::can($r, 'uri') and $r->uri =~ m{.*/(.*)}) {
    $req_uri = $1;
}

my $form_action = defined $goto             ? $goto
                : defined $req_uri          ? $req_uri
                :                             RT->Config->Get('WebPath')
                ;

# sanitize $form_action
my $uri = URI->new($form_action);

# You get undef scheme with a relative uri like "/Search/Build.html"
unless (!defined($uri->scheme) || $uri->scheme eq 'http' || $uri->scheme eq 'https') {
    $form_action = RT->Config->Get('WebPath');
}

# Make sure we're logging in to the same domain
# You can get an undef authority with a relative uri like "index.html"
my $uri_base_url = URI->new(RT->Config->Get('WebBaseURL'));
unless (!defined($uri->authority) || $uri->authority eq $uri_base_url->authority) {
    $form_action = RT->Config->Get('WebPath');
}
</%INIT>

% $m->callback( %ARGS, CallbackName => 'Header' );
<& /Elements/Header, Title => loc('Login'), Focus => 'user' &>


%# End of div#quickbar from /Elements/Header
</div>

<div id="body" class="login-body">
% if ($Error) {
<&| "/Widgets/TitleBox", title => loc('Error'), hideable => 0, class => 'error'  &>
<% $Error %>
</&>
% }

% $m->callback( %ARGS, CallbackName => 'BeforeForm' );

<div id="login-box">
<&| /Widgets/TitleBox, title => loc('Login'), titleright => $RT::VERSION, hideable => 0 &>

% unless (RT->Config->Get('WebExternalAuth') and !RT->Config->Get('WebFallbackToInternalAuth')) {
<form id="login" name="login" method="post" action="<% $form_action %>">

<div class="input-row">
    <span class="label"><&|/l&>Username</&>:</span>
    <span class="input"><input name="user" value="<%$user%>" id="user" /></span>
</div>

<div class="input-row">
    <span class="label"><&|/l&>Password</&>:</span>
    <span class="input"><input type="password" name="pass" autocomplete="off" /></span>
</div>

<div class="button-row">
    <span class="input"><input type="submit" class="button" value="<&|/l&>Login</&>" /></span>
</div>

%# Give callbacks a chance to add more control elements
% $m->callback( %ARGS );

% # From mason 1.0.1 forward, this doesn't work. in fact, it breaks things.
% # But on Mason 1.15 it's fixed again, so we still use it.
% # The code below iterates through everything in the passed in arguments
% # Preserving all the old parameters
% # This would be easier, except mason is 'smart' and calls multiple values
% # arrays rather than multiple hash keys
% my $key; my $val;
% foreach $key (keys %ARGS) {
%  if (($key ne 'user') and ($key ne 'pass')) {
% 	if (ref($ARGS{$key}) =~ /ARRAY/) {
% 		foreach $val (@{$ARGS{$key}}) {
<input type="hidden" class="hidden" name="<%$key %>" value="<% $val %>" />
% 		}
% 	}
%	else {
<input type="hidden" class="hidden" name="<% $key %>" value="<% $ARGS{$key} %>" />
% 	}
%  }
% }
</form>
% }
</&>
</div><!-- #login-box -->
% $m->callback( %ARGS, CallbackName => 'AfterForm' );
</div><!-- #login-body -->
<& /Elements/Footer, Menu => 0 &>
<%ARGS>
$user => ""
$pass => undef
$goto => undef
$Error => undef
</%ARGS>
