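import hmac

from pyramid.security import Allow, Everyone, Authenticated
from passlib.apps import custom_app_context as poc_pwd_context


class UserLoginFactory(object):
    """Pyramid root factory carrying the ACL for the login-protected views.

    Anyone may 'view'; only authenticated principals get 'control' and 'edit'.
    """

    __acl__ = [(Allow, Everyone, 'view'),
               (Allow, Authenticated, 'control'),
               (Allow, Authenticated, 'edit'), ]

    def __init__(self, request):
        # The ACL is static, so nothing is taken from the request.
        pass


def _same_secret(supplied, stored):
    """Compare two text values without leaking the match position via timing.

    Returns False (rather than raising) when either value is not text or
    cannot be encoded, so a malformed record never authenticates.
    """
    try:
        return hmac.compare_digest(supplied.encode('utf-8'),
                                   stored.encode('utf-8'))
    except (AttributeError, UnicodeError):
        return False


def set_password(request, username, password):
    """Hash *password* and upsert it into the 'users' collection.

    Only the hash is written; the cleartext is never stored.
    """
    # NOTE(review): passlib 1.7 renamed encrypt() to hash(); encrypt() is kept
    # here so the call works on whichever passlib version the project pins.
    password_hash = poc_pwd_context.encrypt(password)
    request.db['users'].update_one(
        {'username': username},
        {"$set": {"username": username, "password": password_hash}},
        upsert=True)


def check_password(request, username, password):
    """Return True when *password* is valid for *username*, else False.

    Records that still hold a legacy cleartext password are re-hashed on the
    first successful login.
    """
    users = list(request.db['users'].find({'username': username}))
    if not users:
        # Unknown user: explicit False instead of falling through to None.
        return False

    stored = users[0].get('password')
    if stored is None or password is None:
        return False

    # Take the cleartext-migration path ONLY when the stored value is not a
    # hash the context recognises.  Comparing the submitted password to the
    # stored value unconditionally would accept the stored hash string itself
    # as a valid password, so a leaked users collection would be enough to
    # log in without cracking anything.
    if poc_pwd_context.identify(stored) is None:
        if not _same_secret(password, stored):
            # verify() raises on a value it cannot identify as a hash, so a
            # wrong guess against a legacy record is answered here.
            return False
        # Correct legacy password: replace the cleartext with a hash now.
        set_password(request, username, password)
        return True

    return poc_pwd_context.verify(password, stored)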