!7

static new L<S> authorizedDialogIDs;

p {
  load("authorizedDialogIDs");
}

static S html(S subUri, Map<S, S> params) {
  S anonID = cast get(getMainBot(), "anonymousDialogID");
  S dialogID = getDialogID();
  if (empty(dialogID) || eq(dialogID, anonID))
    ret "No cookie - cannot authenticate! (dialog ID: " + dialogID + ")";

  boolean in = authorizedDialogIDs.contains(dialogID);
  if (in)
    ret "You're in! " /* + ahref("Log out") */;
    
  S realPW = realPW();
  if (empty(realPW))
    ret "No password set by admin - please put password in: " + realPWFile().getAbsolutePath();
    
  S pw = params.get("pw");
  if (nempty(pw)) {
    if (neq(pw, realPW)) {
      print("XXX - Alert, bad PW entered on web - XXX");
      ret "Bad PW, bugger";
    } else {
      authorizedDialogIDs.add(dialogID);
      save("authorizedDialogIDs");
      ret "OK, you're in! Dialog ID: " + dialogID;
    }
  } else {
    S formContents = tag("p", "Enter deh pass word: " + htag("input", "", "type", "password", "name", "pw", "value", params.get("pw")));
    formContents += tag("input", "", "type", "submit", "value", "Submit!");
    ret tag("form", formContents, "method", "POST");
  }
}

static File realPWFile() {
  ret secretProgramFile("master-pw");
}

static S realPW() {
  ret trim(loadTextFile(realPWFile()));
}

static boolean currentHttpRequestAuthorized() {
  ret authorizedDialogIDs.contains(getDialogID());
}