#!/usr/bin/python3
# This file has been added to my Private Server and was not a function in the original DreamTown.
from dreamtown_config import *
import sys
import binascii
import os
import json
import sqlite3
import hashlib

print("Content-Type: application/json")
print("")
method = os.environ["REQUEST_METHOD"]
if method != "POST":
	print("Expected POST")
	os._exit(1)
	

content_len = int(os.environ["CONTENT_LENGTH"])
post = sys.stdin.read(content_len)
jsonData = json.loads(post)
result = {"status":SUCCESS}


def TryLogin():
	username = jsonData['name'].lower()
	old_password = jsonData['old_password']
	new_password = jsonData['new_password']
	
	#Check User Exists
	c = db.cursor()
	c.execute('SELECT COUNT(1) from users WHERE Name=?',(username,))
	rows = c.fetchone()
	count = rows[0]
	
	if count == 0:
		result['status'] = USER_DOES_NOT_EXIST
		return 0
	#Check Password
	c.execute('SELECT PassHash,Salt from users WHERE Name= ?',(username,))
	
	rows = c.fetchone()

	PassHash = rows[0]
	Salt = rows[1]
	
	SaltedHash = pass_salt_algo(old_password,Salt)	
	if SaltedHash != PassHash:
		result['status'] = INVALID_PASSWORD
		return 0

	NewSaltedHash = pass_salt_algo(new_password,Salt)	

	#Update password 
	result['status'] = SUCCESS
	c.execute('UPDATE users SET PassHash=? WHERE Name=?',(NewSaltedHash,username))
	c.execute('UPDATE users SET LastSession=NULL WHERE Name=?',(username,))
		
db = DbConnect()
TryLogin()
db.commit()
db.close()
print(json.dumps(result))