package auth

import (
	"fmt"
	"database/sql"
	"encoding/json"
	"git.minhas.io/asara/sudoscientist/packages/users"
	"github.com/dgrijalva/jwt-go"
	"github.com/go-chi/chi"
	"github.com/go-chi/jwtauth"
	"github.com/go-chi/render"
	"golang.org/x/crypto/bcrypt"
	"net/http"
)

var (
	DB        *sql.DB
	TokenAuth *jwtauth.JWTAuth
)

type Credentials struct {
	Username string `json:"username", db:"username"`
	Password string `json:"password", db:"password"`
}

func Init() {
	DB.Exec("CREATE TABLE IF NOT EXISTS users (username text primary key, password text, admin boolean);" )
}

func Routes() *chi.Mux {
	router := chi.NewRouter()
	router.Post("/signin", Signin)
	router.Post("/signup", Signup)
	return router
}

func Signup(w http.ResponseWriter, r *http.Request) {
	creds := &Credentials{}
	err := json.NewDecoder(r.Body).Decode(creds)
	if err != nil {
		w.WriteHeader(http.StatusBadRequest)
		return
	}
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(creds.Password), 10)
	s := `INSERT INTO users (username, password, admin)
          VALUES ($1, $2, $3)`
	if _, err = DB.Exec(s, creds.Username, string(hashedPassword), false); err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		fmt.Println(err)
		return
	}
	users.CreateProfile(creds.Username)
	w.WriteHeader(http.StatusCreated)
}

func Signin(w http.ResponseWriter, r *http.Request) {
	creds := &Credentials{}
	err := json.NewDecoder(r.Body).Decode(creds)
	if err != nil {
		w.WriteHeader(http.StatusBadRequest)
		return
	}
	result := DB.QueryRow("SELECT password FROM users WHERE username=$1", creds.Username)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		return
	}
	storedCreds := &Credentials{}
	err = result.Scan(&storedCreds.Password)
	if err != nil {
		if err == sql.ErrNoRows {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		w.WriteHeader(http.StatusInternalServerError)
		return
	}
	if err = bcrypt.CompareHashAndPassword([]byte(storedCreds.Password), []byte(creds.Password)); err != nil {
		w.WriteHeader(http.StatusUnauthorized)
	}
	_, tokenString, _ := TokenAuth.Encode(jwt.MapClaims{
		"username": creds.Username,
	})
	w.WriteHeader(http.StatusOK)
	render.JSON(w, r, tokenString)
}