#
# user_auth_lib
#
# authenticates users by certifcate for scripts
# running on scripts-cert.mit.edu
#
# author:  Asfandyar Qureshi
# copying: MIT license

import os

def get_user_info():
    """
    Gets info on SSL authenticated user.

    This will only work if the Python script has been
    invoked from a URL starting with:

        https://scripts-cert.mit.edu

    returns:
        <None> if the user hasn't been authenticated, or
        the dictionary <d> with the following keys:
        'user', 'email', 'name'
    """
    if 'SSL_CLIENT_VERIFY' in os.environ and\
       os.environ['SSL_CLIENT_VERIFY'] == 'SUCCESS' and\
       'SSL_CLIENT_S_DN_Email' in os.environ:
        
        email = os.environ['SSL_CLIENT_S_DN_Email']
        user = email.split('@')[0]
        name = os.environ['SSL_CLIENT_S_DN_CN']

        return {'user':user, 'email':email, 'name':name }
    else:
        return None