package handlers

import (
	"time"
	"ttime/internal/types"

	"github.com/gofiber/fiber/v2"
	"github.com/golang-jwt/jwt/v5"
)

// Register is a simple handler that registers a new user
//
//	@Summary		Register a new user
//	@Description	Register a new user
//	@Tags			User
//	@Accept			json
//	@Produce		json
//	@Success		200	{string}	string	"User added"
//	@Failure		400	{string}	string	"Bad request"
//	@Failure		500	{string}	string	"Internal server error"
//	@Router			/api/register [post]
func (gs *GState) Register(c *fiber.Ctx) error {
	u := new(types.NewUser)
	if err := c.BodyParser(u); err != nil {
		return c.Status(400).SendString(err.Error())
	}

	if err := gs.Db.AddUser(u.Username, u.Password); err != nil {
		return c.Status(500).SendString(err.Error())
	}

	return c.Status(200).SendString("User added")
}

// This path should obviously be protected in the future
// UserDelete deletes a user from the database
func (gs *GState) UserDelete(c *fiber.Ctx) error {
	// Read from path parameters
	username := c.Params("username")

	// Read username from Locals
	auth_username := c.Locals("user").(*jwt.Token).Claims.(jwt.MapClaims)["name"].(string)

	if username != auth_username {
		return c.Status(403).SendString("You can only delete yourself")
	}

	if err := gs.Db.RemoveUser(username); err != nil {
		return c.Status(500).SendString(err.Error())
	}

	return c.Status(200).SendString("User deleted")
}

// Login is a simple login handler that returns a JWT token
func (gs *GState) Login(c *fiber.Ctx) error {
	// The body type is identical to a NewUser
	u := new(types.NewUser)
	if err := c.BodyParser(u); err != nil {
		println("Error parsing body")
		return c.Status(400).SendString(err.Error())
	}

	println("Username:", u.Username)
	if !gs.Db.CheckUser(u.Username, u.Password) {
		println("User not found")
		return c.SendStatus(fiber.StatusUnauthorized)
	}

	// Create the Claims
	claims := jwt.MapClaims{
		"name":  u.Username,
		"admin": false,
		"exp":   time.Now().Add(time.Hour * 72).Unix(),
	}

	// Create token
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	println("Token created for user:", u.Username)

	// Generate encoded token and send it as response.
	t, err := token.SignedString([]byte("secret"))
	if err != nil {
		println("Error signing token")
		return c.SendStatus(fiber.StatusInternalServerError)
	}

	println("Successfully signed token for user:", u.Username)
	return c.JSON(fiber.Map{"token": t})
}

// LoginRenew is a simple handler that renews the token
func (gs *GState) LoginRenew(c *fiber.Ctx) error {
	// For testing: curl localhost:3000/restricted -H "Authorization: Bearer <token>"
	user := c.Locals("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	claims["exp"] = time.Now().Add(time.Hour * 72).Unix()
	renewed := jwt.MapClaims{
		"name":  claims["name"],
		"admin": claims["admin"],
		"exp":   claims["exp"],
	}
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, renewed)
	t, err := token.SignedString([]byte("secret"))
	if err != nil {
		return c.SendStatus(fiber.StatusInternalServerError)
	}
	return c.JSON(fiber.Map{"token": t})
}

// ListAllUsers is a handler that returns a list of all users in the application database
func (gs *GState) ListAllUsers(c *fiber.Ctx) error {
	// Get all users from the database
	users, err := gs.Db.GetAllUsersApplication()
	if err != nil {
		return c.Status(500).SendString(err.Error())
	}

	// Return the list of users as JSON
	return c.JSON(users)
}