package controllers

import (
	"ccsecrets/models"
	"fmt"
	"net/http"

	"github.com/gin-gonic/gin"
)

// bindings are validated by https://github.com/go-playground/validator
type StoreInput struct {
	RoleId         int    `json:"roleId"`
	DeviceName     string `json:"deviceName"`
	DeviceCategory string `json:"devicCategory"`
	UserName       string `json:"userName" binding:"required"`
	SecretValue    string `json:"secretValue" binding:"required"`
}

func StoreSecret(c *gin.Context) {
	var err error
	var input StoreInput

	if err := c.ShouldBindJSON(&input); err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		return
	}

	fmt.Printf("StoreSecret received JSON input '%v'\n", input)

	// Populate fields
	s := models.Secret{}
	s.UserName = input.UserName
	s.DeviceName = input.DeviceName
	s.DeviceCategory = input.DeviceCategory

	// Default role ID is 1 if not defined
	if input.RoleId != 0 {
		s.RoleId = input.RoleId
	} else {
		s.RoleId = 1
	}

	// Encrypt secret
	s.Secret = input.SecretValue
	_, err = s.EncryptSecret()
	if err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"Error encrypting secret": err.Error()})
		return
	}

	// This is just here for testing to make sure that decryption works
	/*
		_, err = s.DecryptSecret()
		if err != nil {
			c.JSON(http.StatusBadRequest, gin.H{"Error decrypting secret": err.Error()})
			return
		}
	*/
	_, err = s.SaveSecret()
	if err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"Error saving secret": err.Error()})
		return
	}

	c.JSON(http.StatusOK, gin.H{"message": "secret stored successfully"})
}