
/*
 * dAuth: A secure authentication system for the cakePHP framework.
 * Copyright (c)	2006, Dieter Plaetinck
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @author			Dieter Plaetinck
 * @copyright		Copyright (c) 2006, Dieter Plaetinck
 * @version			0.3
 * @modifiedby		Dieter@be
 * @lastmodified	$Date: 2006-12-04 16:18:00 +0000 (Mon, 4 Dec 2006) $
 * @license			http://www.opensource.org/licenses/mit-license.php The MIT License
 */


	/*
	 * Stage 1: the time-invariant transform whose output is what gets stored
	 * in the database for a password.
	 * The server-side stage1Hash component function must implement exactly the
	 * same algorithm; change both together or existing accounts stop matching.
	 *
	 * cleartext - the password as typed by the user (string).
	 * Returns whatever sha1Hash() returns for cleartext + its first character.
	 * sha1Hash() is defined outside this file (presumably SHA-1 - confirm).
	 *
	 * NOTE(review): the appended character is derived from the password itself,
	 * so it is not a per-user salt: two accounts with the same password get the
	 * same stored value. A single fast hash pass also gives little resistance to
	 * offline guessing if the table leaks. A salted, deliberately slow password
	 * hash would have to be applied on the server on top of this value.
	 */
	function stage1Hash(cleartext)
	{
		var firstChar = cleartext.charAt(0);
		var material = cleartext + firstChar;
		return sha1Hash(material);
	}

	/*
	 * Stage 2: the time-varying transform used to carry a password proof over
	 * the network. It hashes the stage-1 value concatenated with a salt.
	 * The server-side stage2Hash component function must implement exactly the
	 * same algorithm; change both together.
	 *
	 * stage1 - output of stage1Hash() for the password.
	 * salt   - challenge value; in this file it is read from the
	 *          'special_sauce' form field (presumably issued by the server
	 *          per request - confirm).
	 * Returns sha1Hash(stage1 + salt).
	 *
	 * NOTE(review): the result is only as fresh as the salt. The server has to
	 * issue an unpredictable salt, accept each one once and expire it quickly,
	 * otherwise a captured value can be replayed. The stage-1 value itself is
	 * the login secret in this scheme, so the stored hashes need the same
	 * protection as cleartext passwords, and the page still needs TLS.
	 */
	function stage2Hash(stage1,salt)
	{
		var material = stage1 + salt;
		return sha1Hash(material);
	}

	/*
	 * Prepares a form that carries one password plus a salt (the fields
	 * 'password', 'special_sauce' and 'hashed_pw'):
	 *   1. computes stage2Hash(stage1Hash(password), salt),
	 *   2. stores it in the 'hashed_pw' field,
	 *   3. overwrites the visible password field with random filler so the
	 *      cleartext is no longer in the form.
	 *
	 * Throws a TypeError if any of the three fields is missing from the page.
	 *
	 * NOTE(review): the filler has the same length as the password, so if the
	 * 'password' field is submitted it still discloses the password length.
	 */
	function doStage2()
	{
		var passwordField = document.getElementById('password');
		var cleartext = passwordField.value;
		var challengeSalt = document.getElementById('special_sauce').value;

		var transportHash = stage2Hash(stage1Hash(cleartext), challengeSalt);
		var filler = randomString(cleartext.length);

		// Hash first, filler second: same write order as before.
		document.getElementById('hashed_pw').value = transportHash;
		passwordField.value = filler;
	}
	
	/*
	 * Prepares a form that carries a password and its confirmation (fields
	 * 'password' and 'confirmpassword'): each cleartext is replaced by random
	 * filler of the same length and its stage1Hash() is written to
	 * 'hashed_pw' / 'confirm_hashed_pw' respectively.
	 *
	 * The two values are not compared here; presumably the server compares the
	 * two hashes - confirm.
	 *
	 * Throws a TypeError if any of the four fields is missing from the page.
	 *
	 * NOTE(review): no salt is involved, so what leaves the browser is the very
	 * value that stage1Hash's comment says is stored in the database. Without
	 * TLS an observer of this request obtains the account's stored credential.
	 */
	function doStage1()
	{
		var passwordField = document.getElementById('password');
		var cleartext = passwordField.value;
		var storedHash = stage1Hash(cleartext);

		var confirmField = document.getElementById('confirmpassword');
		var confirmCleartext = confirmField.value;
		var confirmStoredHash = stage1Hash(confirmCleartext);

		var filler = randomString(cleartext.length);
		var confirmFiller = randomString(confirmCleartext.length);

		document.getElementById('hashed_pw').value = storedHash;
		passwordField.value = filler;

		document.getElementById('confirm_hashed_pw').value = confirmStoredHash;
		confirmField.value = confirmFiller;
	}
	
	/*
	 * Prepares a form that carries an old password, a new password and its
	 * confirmation, plus a salt:
	 *   - new password and confirmation -> stage1Hash(), written to
	 *     'hashed_pw' and 'confirm_hashed_pw';
	 *   - old password -> stage2Hash(stage1Hash(old), salt), written to
	 *     'old_hashed_pw';
	 *   - all three cleartext fields are overwritten with random filler of the
	 *     same length.
	 *
	 * Throws a TypeError if any of the seven fields is missing from the page.
	 *
	 * NOTE(review): only the old password is bound to the salt. The new
	 * password travels as its bare stage-1 hash, which per stage1Hash's comment
	 * is the value kept in the database, so this request needs TLS just as a
	 * cleartext password would.
	 */
	function doStage1Change()
	{
		var byId = function (id) { return document.getElementById(id); };

		var challengeSalt = byId('special_sauce').value;

		var newField = byId('password');
		var newCleartext = newField.value;
		var newStoredHash = stage1Hash(newCleartext);

		var confirmField = byId('confirmpassword');
		var confirmCleartext = confirmField.value;
		var confirmStoredHash = stage1Hash(confirmCleartext);

		var oldField = byId('oldpassword');
		var oldCleartext = oldField.value;
		var oldProof = stage2Hash(stage1Hash(oldCleartext), challengeSalt);

		// Filler is generated in the same order as before: new, confirm, old.
		var newFiller = randomString(newCleartext.length);
		var confirmFiller = randomString(confirmCleartext.length);
		var oldFiller = randomString(oldCleartext.length);

		byId('hashed_pw').value = newStoredHash;
		newField.value = newFiller;

		byId('confirm_hashed_pw').value = confirmStoredHash;
		confirmField.value = confirmFiller;

		byId('old_hashed_pw').value = oldProof;
		oldField.value = oldFiller;
	}
	

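	/*
	 * Builds a throwaway alphanumeric string.
	 *
	 * len - number of characters wanted; 0 or a negative value yields ''.
	 * Returns a string of `len` characters drawn from 0-9, A-Z and a-z.
	 *
	 * In this file the result is only used as filler that overwrites password
	 * fields before a form is submitted. Math.random() is not a
	 * cryptographically secure generator, so the output must not be used as a
	 * salt, token or any other secret.
	 */
	function randomString(len)
	{
		// All 62 alphanumerics, each exactly once, so every character is
		// equally likely to be picked.
		var chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
		var randomstring = '';
		for (var i = 0; i < len; i++)
		{
			var rnum = Math.floor(Math.random() * chars.length);
			randomstring += chars.charAt(rnum);
		}
		return randomstring;
	}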

	/*
	 * Clears a form control by setting its value to the empty string.
	 *
	 * fieldId - id attribute of the element to clear.
	 * Throws a TypeError if no element with that id exists.
	 */
	function emptyField(fieldId)
	{
		var target = document.getElementById(fieldId);
		target.value = "";
	}

	/*
	 * Empties an element (used for error messages, judging by the name) by
	 * assigning an empty string to its innerHTML.
	 *
	 * errorId - id attribute of the element to empty.
	 * Throws a TypeError if no element with that id exists.
	 *
	 * Only the constant "" is ever assigned here, so no markup from the
	 * caller reaches innerHTML.
	 */
	function removeError(errorId)
	{
		var container = document.getElementById(errorId);
		container.innerHTML = "";
	}

	/*
	 * Makes a form usable from script: sets its target URL, forces the POST
	 * method and makes it visible (display: block).
	 *
	 * formId - id attribute of the form element.
	 * action - URL the form should submit to; assigned verbatim.
	 * Throws a TypeError if no element with that id exists.
	 *
	 * NOTE(review): presumably the markup ships the form hidden and without a
	 * working action so that it cannot be submitted with a cleartext password
	 * when JavaScript is unavailable - confirm in the view templates.
	 * Because `action` decides where the credentials are sent, callers should
	 * pass a fixed application URL and never a value taken from the request.
	 */
	function fixForm(formId, action)
	{
		var target = document.getElementById(formId);
		target.action = action;
		target.method = 'post';
		target.style.display = "block";
	}
