package mongo

import (
	"context"
	"fmt"

	"git.acooldomain.co/server-manager/backend-kubernetes-go/dbhandler"
	"git.acooldomain.co/server-manager/backend-kubernetes-go/models"
	"go.mongodb.org/mongo-driver/bson"
	"go.mongodb.org/mongo-driver/mongo"
	"go.mongodb.org/mongo-driver/mongo/options"
)

type AuthUser struct {
	Username       string            `json:"username"`
	HashedPassword string            `json:"hashed_password"`
	Permissions    models.Permission `json:"permissions"`
}

type Invite struct {
	Email        string `json:"email"`
	InvitingUser string `json:"inviting_user"`
	Token        string `json:"token"`
}

type MongoDbUserPassHandler struct {
	dbhandler.UserPassAuthanticationDbHandler
	collection *mongo.Collection
}

func (self *MongoDbUserPassHandler) AuthenticateUser(username string, password string) (models.Permission, error) {
	var user AuthUser
	err := self.collection.FindOne(context.Background(), bson.D{bson.E{Key: "username", Value: username}}).Decode(&user)

	if err != nil {
		return 0, err
	}

	hashedPassword, err := dbhandler.HashPassword(password)

	if err != nil {
		return 0, err
	}

	if user.HashedPassword != hashedPassword {
		return 0, fmt.Errorf("Incorrect Password")
	}

	return user.Permissions, nil
}

func (self *MongoDbUserPassHandler) CreateUser(
	username string,
	password string,
	permissions models.Permission,
) error {
	hashedPassword, err := dbhandler.HashPassword(password)

	if err != nil {
		return err
	}

	_, err = self.collection.InsertOne(context.Background(), &AuthUser{
		Username:       username,
		HashedPassword: hashedPassword,
		Permissions:    permissions,
	})

	return err
}

func (self *MongoDbUserPassHandler) RemoveUser(username string) error {
	_, err := self.collection.DeleteOne(
		context.Background(),
		bson.D{
			{Key: "username", Value: username},
		},
	)

	return err
}

func (self *MongoDbUserPassHandler) SetPermissions(
	username string,
	permissions models.Permission,
) error {
	_, err := self.collection.UpdateOne(
		context.Background(),
		bson.D{
			{Key: "username", Value: username},
		},
		bson.M{
			"$set": bson.M{
				"permissions": permissions,
			},
		},
	)

	return err
}

func NewUserPassAuthHandler(config models.MongoDBConfig) (*MongoDbUserPassHandler, error) {
	clientOptions := options.Client().ApplyURI(config.Url).SetAuth(options.Credential{
		Username: config.Username,
		Password: config.Password,
	})

	client, err := mongo.Connect(context.TODO(), clientOptions)

	if err != nil {
		return nil, err
	}

	return &MongoDbUserPassHandler{
		collection: client.Database(config.Database).Collection(config.Collection),
	}, nil
}