/*
ScheduleTogether Backend
Copyright (C) 2024, Marco Vitchi Thulin

DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License version 3
as published by the Free Software Foundation.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Affero General Public License version 3 for more details.

This program incorporates external libraries for certain functionalities.
These libraries are covered by their respective licenses, and their usage
agreements are as outlined in their respective documentation or source
code.

You should have received a copy of the GNU Affero General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

package accounts

import (
	"time"

	"github.com/google/uuid"
	"github.com/kataras/iris/v12"
	"github.com/kataras/iris/v12/middleware/jwt"
	"golang.org/x/crypto/bcrypt"

	db "git.zervo.org/scheduletogether/backend/internal/database"
	"git.zervo.org/scheduletogether/backend/pkg/helpers/config"
	"git.zervo.org/scheduletogether/backend/pkg/types"
)

// AccountSignin_Service signs in a user and returns a jwt token
func AccountSignin_Service(ctx iris.Context, req types.AccountLoginRequest) {
	cfg, err := config.LoadConfig()
	if err != nil {
		ctx.StatusCode(iris.StatusInternalServerError)
		ctx.JSON(types.CommonErrorResponse{
			Error: "An error occured while registering your account, please try again later",
		})
		return
	}

	// Create signer
	signer := jwt.NewSigner(jwt.HS256, []byte(cfg.JWTSecret), time.Duration(cfg.JWTExpiration)*time.Minute)

	// Check if user exists
	var user db.User
	err = db.Db.Where("username = ?", req.Username).First(&user).Error
	if err != nil {
		ctx.StatusCode(iris.StatusUnauthorized)
		ctx.JSON(types.CommonErrorResponse{
			Error: "Invalid username or password",
		})
		return
	}

	// Check if user is verified
	if !user.Verified {
		ctx.StatusCode(iris.StatusUnauthorized)
		ctx.JSON(types.CommonErrorResponse{
			Error: "Please verify your account",
		})
		return
	}

	// Check if password is correct
	err = bcrypt.CompareHashAndPassword([]byte(user.Hash), []byte(req.Password))
	if err != nil {
		ctx.StatusCode(iris.StatusUnauthorized)
		ctx.JSON(types.CommonErrorResponse{
			Error: "Invalid username or password",
		})
		return
	}

	// Generate a JWT Id
	generated_jti, err := uuid.NewRandom()
	if err != nil {
		ctx.StopWithError(iris.StatusInternalServerError, err)
		return
	}
	jti := generated_jti.String()

	// Create claims
	claims := &types.Claims{
		UserId:   user.ID,
		Role:     user.Role,
		Username: user.Username,
		Email:    user.Email,
	}

	// Sign token
	token, err := signer.Sign(claims, jwt.Claims{
		ID:     jti,
		Issuer: "scheduletogether",
	})
	if err != nil {
		ctx.StatusCode(iris.StatusInternalServerError)
		ctx.JSON(types.CommonErrorResponse{
			Error: "An error occured, please try again later",
		})
		return
	}

	// Return token
	ctx.JSON(types.AccountSigninResponse{
		Token: string(token),
	})
}