<?php
	error_reporting(E_ALL ^ E_NOTICE);

	include_once('../include/lucidAuth.functions.php');

    // Start with checking $_REQUEST['ref']
	// What do we need?
	//   token again?

	// approach 1:
	//   origin domain, so we can intersect with $settings->Session['CookieDomains'] and iterate through the remaining domains, serving them in one page (which contains iframes already)
	//   this might be slower because it means one additional roundtrip between client and server

	// approach 2:
	//   let the client setup multiple iframes for all domains other than origin domains
	//   this requires passing an array of domains to the client in asynchronous reply; which feels insecure

	if (!empty($_REQUEST['ref'])) {
		try {
			$queryString = json_decode(base64_decode($_REQUEST['ref']), JSON_OBJECT_AS_ARRAY);
		}
		catch (Exception $e) {
			// Silently fail, unless explicitly specified otherwise
			if ($settings->Debug['Verbose']) throw new Exception($e);
            exit;
		}

        switch ($queryString['action']) {
            case 'login':
                break;
            default:
                break;
        }
	}

	include_once('../include/lucidAuth.template.php');

	echo sprintf($pageLayout['bare'],
		'// iFrames go here'
	);
?>