# Selima Website Content Management System
# Unauth.pm: The unauthorized access processor.

#  Copyright (c) 2004-2018 imacat.
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.

# Author: imacat <imacat@mail.imacat.idv.tw>
# First written: 2004-09-28

package Selima::Unauth;
use 5.008;
use strict;
use warnings;
use base qw(Exporter);
use vars qw(@EXPORT @EXPORT_OK);
BEGIN {
@EXPORT = qw(unauth);
@EXPORT_OK = @EXPORT;
# Prototype declaration
sub unauth();
}

use URI::Escape qw(uri_escape);

use Selima::DataVars qw(:requri);
use Selima::LogIn;
use Selima::HTTP;

# unauth: User is not authorized
sub unauth() {
    local ($_, %_);
    
    # Logged in but privilege not enough
    http_403 if defined get_login_sn;
    
    # Not logged in yet - log in
    @_ = qw();
    push @_, "referer=" . uri_escape($REQUEST_FULLURI);
    # To be done
    #$script = userhome();
    $_ = "login.cgi?" . join "&", @_;
    if ($ENV{"REQUEST_METHOD"} eq "POST") {
        http_303 $_;
    } else {
        http_307 $_;
    }
}

return 1;