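package auth

import (
	"database/sql"
	"errors"
	"time"

	"github.com/gofiber/fiber/v2"

	"system-trace/core/constants"
	"system-trace/core/database"
	"system-trace/core/services/users"
	"system-trace/core/types"
	"system-trace/core/validators"
)

const (
	// internalErrMsg is the only text a client sees for server-side failures
	// (database, token signing, login bookkeeping); the underlying error is
	// never echoed in the response body.
	internalErrMsg = "internal server error"

	// cookieSameSite is applied to both token cookies so the browser does not
	// attach them to cross-site top-level POSTs or subresource requests.
	// NOTE(review): if the API is consumed from a different site than the
	// frontend, this must become CookieSameSiteNoneMode (Secure stays set).
	cookieSameSite = fiber.CookieSameSiteLaxMode
)

// MARK: ReqTokens godoc
// @Summary Request pair of tokens
// @Description Returns pair of access and refresh tokens
// @Tags auth
// @Produce json
// @Param request body types.AuthBody true "Request body"
// @Header 200 {string} Set-Cookie "accessToken=..."
// @Header 200 {string} Set-Cookie "refreshToken=..."
// @Success 200
// @Failure 400 {object} types.JSONError "malformed body, validation failure or bad credentials"
// @Failure 500 {object} types.JSONError "server-side failure; error text is not exposed"
// @Router /auth/login [post]
//
// ReqTokensHandler authenticates the submitted email/password pair and, on
// success, records the login time and issues an access/refresh cookie pair.
// Bad credentials are reported with constants.AUTH_FAILED; any other lookup
// or issuance error is reported with a fixed message and status 500.
// NOTE(review): 400 is kept for bad credentials for compatibility with
// existing clients; 401 would be the conventional status.
func ReqTokensHandler(c *fiber.Ctx) error {
	ab := new(types.AuthBody)
	if err := c.BodyParser(ab); err != nil {
		return writeBadRequest(c, err.Error())
	}
	if err := validators.Validate(c, ab); err != nil {
		return writeBadRequest(c, err.Error())
	}

	u, err := database.FindByEmailAndPassword(ab.Email, ab.Password)
	if err != nil {
		if isNoRows(err) {
			return writeBadRequest(c, constants.AUTH_FAILED)
		}
		// Anything other than "no matching user" is a server-side problem;
		// its text (driver, table or connection details) must not reach
		// the client.
		return writeInternalError(c)
	}
	if u == nil {
		// Same wire shape as the "no rows" case so clients get one
		// consistent JSON error for bad credentials.
		return writeBadRequest(c, constants.AUTH_FAILED)
	}

	// Record the login before issuing tokens: the cookies are written to
	// the response as soon as they are generated, so a failure after that
	// point would hand the client a valid token pair together with an
	// error status.
	if err := users.SetLoginTime(u); err != nil {
		return writeInternalError(c)
	}
	if err := GeneratePairAndSetCookie(c, u.ID); err != nil {
		return writeInternalError(c)
	}
	return c.SendStatus(fiber.StatusOK)
}

// writeBadRequest sends a 400 response carrying msg in the JSON error body.
func writeBadRequest(c *fiber.Ctx, msg string) error {
	return c.Status(fiber.StatusBadRequest).JSON(types.JSONError{Error: msg})
}

// writeInternalError sends a 500 response with a fixed message so that no
// server-side error text is disclosed to the caller.
func writeInternalError(c *fiber.Ctx) error {
	return c.Status(fiber.StatusInternalServerError).JSON(types.JSONError{Error: internalErrMsg})
}

// isNoRows reports whether err is database/sql's "no rows" result, whether
// returned directly, wrapped with %w, or rebuilt as a plain error with the
// same text (the case the previous string comparison handled).
func isNoRows(err error) bool {
	return errors.Is(err, sql.ErrNoRows) || err.Error() == sql.ErrNoRows.Error()
}

// GeneratePairAndSetCookie generates an access/refresh token pair for the
// user identified by id and writes both as cookies on c. Any error from
// genPair is returned unchanged and no cookie is set in that case.
func GeneratePairAndSetCookie(c *fiber.Ctx, id int32) error {
	p, err := genPair(id)
	if err != nil {
		return err
	}
	setCookie(c, p)
	return nil
}

// setCookie writes the access and refresh tokens from p as two cookies whose
// expiry is AccessTokenLifetime / RefreshTokenLifetime hours from now.
func setCookie(c *fiber.Ctx, p *types.PairTokens) {
	// One timestamp for both cookies so their lifetimes are measured from
	// the same instant.
	now := time.Now()
	c.Cookie(tokenCookie("accessToken", p.AccessToken,
		now.Add(time.Duration(AccessTokenLifetime)*time.Hour)))
	c.Cookie(tokenCookie("refreshToken", p.RefreshToken,
		now.Add(time.Duration(RefreshTokenLifetime)*time.Hour)))
}

// tokenCookie builds a cookie that is unreadable from script (HttpOnly),
// sent only over TLS (Secure) and carries the package-wide SameSite policy.
func tokenCookie(name, value string, expires time.Time) *fiber.Cookie {
	ck := new(fiber.Cookie)
	ck.Name = name
	ck.Value = value
	ck.Expires = expires
	ck.Secure = true
	ck.HTTPOnly = true
	ck.SameSite = cookieSameSite
	return ck
}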