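package controllers

import (
	"errors"
	"html"
	"log"
	"net/http"
	"strings"

	"ccsecrets/models"
	"ccsecrets/utils/token"

	"github.com/gin-gonic/gin"
	"golang.org/x/crypto/bcrypt"
)

// RegisterInput is the JSON body accepted by Register. Username and Password
// are required by the gin binding; RoleId is optional and arrives as 0 when
// the client omits it.
type RegisterInput struct {
	Username string `json:"username" binding:"required"`
	Password string `json:"password" binding:"required"`
	RoleId   int    `json:"roleid"`
}

// LoginInput is the JSON body accepted by Login; both fields are required by
// the gin binding.
type LoginInput struct {
	Username string `json:"username" binding:"required"`
	Password string `json:"password" binding:"required"`
}

// Register handles a JSON registration request. It binds the body to
// RegisterInput, refuses a username that models.GetUserByName already knows,
// stores the bcrypt hash of the password through models.User.SaveUser and
// answers 200 with a success message. Every failure path answers 400 with a
// JSON error object.
func Register(c *gin.Context) {
	// bcrypt ignores input beyond 72 bytes (newer x/crypto releases return an
	// error instead), so longer passwords are rejected explicitly rather than
	// hashed as a truncated secret.
	const maxPasswordBytes = 72

	var input RegisterInput
	if err := c.ShouldBindJSON(&input); err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		return
	}

	if len(input.Password) > maxPasswordBytes {
		c.JSON(http.StatusBadRequest, gin.H{"error": "password must not exceed 72 bytes"})
		return
	}

	u := models.User{}
	u.Password = input.Password

	// NOTE(review): RoleId is taken directly from the request body. Routing is
	// not visible in this file; if this handler is reachable without an
	// authorization check, any caller can register with an arbitrary role.
	// Confirm the route is restricted to administrators, or ignore the
	// client-supplied value and always assign the default role here.
	if input.RoleId == 0 {
		log.Printf("Register no role specified, defaulting to RoleId of 2.\n")
		u.RoleId = 2
	} else {
		u.RoleId = input.RoleId
	}

	// The stored username is trimmed of surrounding whitespace and HTML-escaped.
	u.UserName = html.EscapeString(strings.TrimSpace(input.Username))

	// The lookup error is discarded and "no such user" is inferred from a
	// zero-value result.
	// NOTE(review): a lookup failure other than "not found" also yields a
	// zero value and lets registration continue, and the check-then-save
	// sequence is not atomic; a unique constraint on the username column is
	// the reliable guard — confirm the schema has one.
	existing, _ := models.GetUserByName(u.UserName)
	// %q keeps control characters in the client-supplied name from forging
	// extra log lines.
	log.Printf("Register checking if user %q already exists\n", u.UserName)
	if existing != (models.User{}) {
		err := errors.New("attempt to register conflicting username '" + u.UserName + "'")
		log.Printf("Register error : %q\n", err.Error())
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		return
	}
	log.Printf("Register confirmed no existing username\n")

	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(u.Password), bcrypt.DefaultCost)
	if err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"Error hashing password": err.Error()})
		return
	}
	// Password hashes are credential material: anyone who can read the logs
	// could attack them offline, so only the event is recorded.
	log.Printf("Register generated password hash\n")
	u.Password = string(hashedPassword)

	// NOTE(review): the raw SaveUser error text is returned to the client;
	// confirm it cannot expose database details.
	if _, err = u.SaveUser(); err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"Error saving user": err.Error()})
		return
	}

	c.JSON(http.StatusOK, gin.H{"message": "registration success"})
}

// Login handles a JSON login request. It binds the body to LoginInput, passes
// the credentials to models.LoginCheck and answers 200 with the resulting
// access token, or 400 with a generic message when the check fails.
//
// NOTE(review): Register stores the trimmed, HTML-escaped username while this
// handler passes the raw value; unless models.LoginCheck normalises the name
// the same way, usernames containing escaped characters or surrounding spaces
// will not match — confirm.
func Login(c *gin.Context) {
	var input LoginInput
	if err := c.ShouldBindJSON(&input); err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		return
	}

	// Only the quoted username is logged; nothing derived from the password
	// (not even its length) belongs in the logs.
	log.Printf("Login checking username %q\n", input.Username)

	accessToken, err := models.LoginCheck(input.Username, input.Password)
	if err != nil {
		// One message for every failure so the response does not reveal
		// whether the username exists.
		c.JSON(http.StatusBadRequest, gin.H{"error": "username or password is incorrect."})
		return
	}

	// The token is a bearer credential: the event is logged, never the value.
	log.Printf("Login verified for username %q\n", input.Username)

	c.JSON(http.StatusOK, gin.H{"access_token": accessToken})
}

// CurrentUser answers with the user record for the ID that
// token.ExtractTokenID reads from the request, or 400 with the error text when
// the token or the lookup fails.
func CurrentUser(c *gin.Context) {
	userID, err := token.ExtractTokenID(c)
	if err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		return
	}

	u, err := models.GetUserByID(userID)
	if err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		return
	}

	// NOTE(review): u is serialized as returned by the model; confirm the
	// password hash is cleared or excluded from JSON before it gets here.
	c.JSON(http.StatusOK, gin.H{"message": "success", "data": u})
}

// GetRoles answers with the result of models.QueryRoles, or 400 with the error
// text when the query fails.
func GetRoles(c *gin.Context) {
	roles, err := models.QueryRoles()
	if err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		return
	}

	c.JSON(http.StatusOK, gin.H{"message": "success", "data": roles})
}

// GetUsers answers with the result of models.QueryUsers, or 400 with the error
// text when the query fails.
//
// NOTE(review): this handler performs no authorization check of its own and
// returns the records as the model provides them; confirm the route is
// restricted by middleware and that password hashes are not part of the
// serialized output.
func GetUsers(c *gin.Context) {
	users, err := models.QueryUsers()
	if err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		return
	}

	c.JSON(http.StatusOK, gin.H{"message": "success", "data": users})
}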