package mongo

import (
	"context"
	"fmt"
	"time"

	"git.acooldomain.co/server-manager/backend-kubernetes-go/dbhandler"
	"git.acooldomain.co/server-manager/backend-kubernetes-go/models"
	"go.mongodb.org/mongo-driver/bson"
	"go.mongodb.org/mongo-driver/mongo"
	"go.mongodb.org/mongo-driver/mongo/options"
)

type AuthUser struct {
	Username       string            `json:"username"`
	HashedPassword string            `json:"hashed_password"`
	Permissions    models.Permission `json:"permissions"`
}

type Invite struct {
	Email        string `json:"email"`
	InvitingUser string `json:"inviting_user"`
	Token        string `json:"token"`
}

type UserPassAuthenticationDbHandler struct {
	dbhandler.UserPassAuthanticationDbHandler
	collection *mongo.Collection
}

func (self *UserPassAuthenticationDbHandler) AuthenticateUser(ctx context.Context, username string, password string) (models.Permission, error) {
	var user AuthUser
	err := self.collection.FindOne(ctx, bson.M{"username": username}).Decode(&user)

	if err != nil {
		return 0, err
	}

	hashedPassword, err := dbhandler.HashPassword(password)

	if err != nil {
		return 0, err
	}

	if user.HashedPassword != hashedPassword {
		return 0, fmt.Errorf("Incorrect Password")
	}

	return user.Permissions, nil
}

func (self *UserPassAuthenticationDbHandler) CreateUser(
	ctx context.Context,
	username string,
	password string,
	permissions models.Permission,
) error {
	hashedPassword, err := dbhandler.HashPassword(password)

	if err != nil {
		return err
	}

	_, err = self.collection.InsertOne(ctx, &AuthUser{
		Username:       username,
		HashedPassword: hashedPassword,
		Permissions:    permissions,
	})

	return err
}

func (self *UserPassAuthenticationDbHandler) RemoveUser(ctx context.Context, username string) error {
	_, err := self.collection.DeleteOne(
		ctx,
		bson.M{
			"username": username,
		},
	)

	return err
}

func (self *UserPassAuthenticationDbHandler) SetPermissions(
	ctx context.Context,
	username string,
	permissions models.Permission,
) error {
	_, err := self.collection.UpdateOne(
		ctx,
		bson.M{
			"username": username,
		},
		bson.M{
			"$set": bson.M{
				"permissions": permissions,
			},
		},
	)

	return err
}

func NewUserPassAuthHandler(config models.MongoDBConfig) (*UserPassAuthenticationDbHandler, error) {
	clientOptions := options.Client().ApplyURI(config.Url).SetAuth(options.Credential{
		Username: config.Username,
		Password: config.Password,
	})

	ctx, cancel := context.WithTimeoutCause(context.Background(), 30*time.Second, fmt.Errorf("Timeout"))
	defer cancel()

	client, err := mongo.Connect(ctx, clientOptions)

	if err != nil {
		return nil, err
	}

	return &UserPassAuthenticationDbHandler{
		collection: client.Database(config.Database).Collection(config.Collection),
	}, nil
}