<?php
function check_auth_ldap () {
    $sessionTimeoutSecs = 300;
    $ldapServer = '127.0.0.1';
    $ldapPort = 389;
  
    if (!isset($_SESSION)) {
        session_start();
    }
  
    if (!empty($_SESSION['lastactivity']) && $_SESSION['lastactivity'] > time() - $sessionTimeoutSecs && !isset($_POST['logout'])) {
      // Session is already authenticated
      // echo 'Renewing session activity';
      $con = ldap_connect($ldapServer, $ldapPort);
      if (ldap_bind($con, $_SESSION['ldap_dn'], $_SESSION['password'])) {
        $_SESSION['lastactivity'] = time();
        return $con;
      } else {
        unset($_SESSION['lastactivity'], $_SESSION['username'], $_SESSION['password']);
        header("Location: endSession.php");
        exit;
      }
    } else if (isset($_POST['username'], $_POST['password'])) {
      // Handle login requests
      $user = $_POST['username'];
      $pass = $_POST['password'];
      $ldap_dn = 'cn=' . $username . 'root,dc=example,dc=com';
      $ldap_password = $pass;
      
      $con = ldap_connect($ldapServer, $ldapPort);
      ldap_set_option($ldap_con, LDAP_OPT_PROTOCOL_VERSION, 3);
      
      if (ldap_bind($con, $ldap_dn, $ldap_password)) {
        // Successful auth
        $_SESSION['lastactivity'] = time();
        $_SESSION['username'] = $_POST['username'];
        $_SESSION['ldap_dn'] = $ldap_dn;
        $_SESSION['password'] = $_POST['password'];
        // echo 'Success';
        return $con;
      } else {
        // Auth failed
        echo 'Auth failed';
        header("Location: endSession.php");
        exit;
      }
    } else {
      // Session has expired or a logout was requested
      unset($_SESSION['lastactivity'], $_SESSION['username'], $_SESSION['password']);
      header("Location: endSession.php");
      exit;
    }
}
// check_auth_ldap();
?>