package photosapi

import (
	"crypto"
	"encoding/base64"
	"errors"
	"net/http"
	"time"

	"github.com/gin-gonic/gin"
	"gopkg.in/validator.v2"
	"gorm.io/gorm"
)

// Errors
var (
	ErrAccountExists = errors.New("account exists")
	ErrAccountAuth   = errors.New("login or password incorrect")
)

// Model
type Account struct {
	ID                uint32    `gorm:"primary_key" json:"-"`
	Login             string    `gorm:"unique;size:64;not null" json:"login"`
	Password          string    `gorm:"-" json:"-"`
	EncryptedPassword string    `gorm:"size:44;not null" json:"-"`
	CreatedAt         time.Time `json:"created_at"`
	UpdatedAt         time.Time `json:"-"`
}

func (a *Account) BeforeCreate(tx *gorm.DB) error {
	if a.EncryptedPassword == "" {
		a.EncryptPassword()
	}
	return nil
}

func (a *Account) EncryptPassword() {
	sha1 := crypto.SHA256.New()
	sha1.Write([]byte(a.Password))
	a.EncryptedPassword = base64.StdEncoding.EncodeToString(sha1.Sum(nil))
}

func NewAccount(login string, password string) *Account {
	a := &Account{
		Login:    login,
		Password: password,
	}
	a.EncryptPassword()
	return a
}

// Service
type SignupOrLoginRequest struct {
	Login    string `validate:"min=3,max=40,regexp=^[a-zA-Z0-9]*$"`
	Password string `validate:"min=8,max=40"`
}

func (s *Service) Signup(c *gin.Context) {
	var account *SignupOrLoginRequest

	if err := c.ShouldBindJSON(&account); err != nil {
		s.Error(c, http.StatusBadRequest, err)
		return
	}
	if err := validator.Validate(account); err != nil {
		s.Error(c, http.StatusExpectationFailed, err)
		return
	}

	var accountExists int64
	if err := s.DB.Model(&Account{}).Where("login = ?", account.Login).Count(&accountExists).Error; err != nil {
		s.Error(c, http.StatusInternalServerError, err)
		return
	}
	if accountExists > 0 {
		s.Error(c, http.StatusConflict, ErrAccountExists)
		return
	}
	if err := s.DB.Create(NewAccount(account.Login, account.Password)).Error; err != nil {
		s.Error(c, http.StatusConflict, err)
		return
	}

	c.JSON(http.StatusOK, gin.H{
		"status": "success",
	})
}

func (s *Service) Login(c *gin.Context) {
	var account *SignupOrLoginRequest

	if err := c.ShouldBindJSON(&account); err != nil {
		s.Error(c, http.StatusBadRequest, err)
		return
	}

	session, err := NewSession(s.DB, account.Login, account.Password)
	if err != nil {
		if errors.Is(err, gorm.ErrRecordNotFound) {
			s.Error(c, http.StatusNotFound, ErrAccountAuth)
		} else {
			s.Error(c, http.StatusInternalServerError, err)
		}
		return
	}

	c.JSON(http.StatusOK, gin.H{
		"status": "success",
		"token":  session.Token,
	})
}

func (s *Service) Logout(c *gin.Context) {
	res := s.DB.Where("token = ?", c.GetString("token")).Delete(&Session{})
	if res.Error != nil {
		s.Error(c, http.StatusInternalServerError, res.Error)
		return
	}
	if res.RowsAffected == 0 {
		s.Error(c, http.StatusNotFound, ErrSessionNotFound)
		return
	}
	c.JSON(http.StatusOK, gin.H{
		"status": "success",
	})
}

func (s *Service) AccountInit() {
	ac := s.Gin.Group("/account")
	ac.POST("/signup", s.Signup)
	ac.POST("/login", s.Login)
	ac.GET("/logout", s.RequireAuthToken, s.Logout)
}