package auth

import (
	"encoding/json"
	"log"
	"net/http"

	"gitea.local/admin/hspguard/internal/repository"
	"gitea.local/admin/hspguard/internal/util"
	"gitea.local/admin/hspguard/internal/web"
)

type LoginParams struct {
	Email    string `json:"email"`
	Password string `json:"password"`
}

func (h *AuthHandler) login(w http.ResponseWriter, r *http.Request) {
	var params LoginParams

	decoder := json.NewDecoder(r.Body)
	if err := decoder.Decode(&params); err != nil {
		web.Error(w, "failed to parse request body", http.StatusBadRequest)
		return
	}

	if params.Email == "" || params.Password == "" {
		web.Error(w, "missing required fields", http.StatusBadRequest)
		return
	}

	log.Printf("DEBUG: looking for user with following params: %#v\n", params)

	user, err := h.repo.FindUserEmail(r.Context(), params.Email)
	if err != nil {
		log.Printf("DEBUG: No user found with '%s' email: %v\n", params.Email, err)
		web.Error(w, "email or/and password are incorrect", http.StatusBadRequest)
		return
	}

	if !util.VerifyPassword(params.Password, user.PasswordHash) {
		log.Printf("DEBUG: Incorrect password '%s' for '%s' email: %v\n", params.Password, params.Email, err)
		web.Error(w, "email or/and password are incorrect", http.StatusBadRequest)
		return
	}

	access, refresh, err := h.signTokens(&user)
	if err != nil {
		web.Error(w, "failed to generate tokens", http.StatusInternalServerError)
		return
	}

	userAgent := r.UserAgent()

	ipAddr := util.GetClientIP(r)
	deviceInfo := util.BuildDeviceInfo(userAgent, ipAddr)

	// Create User Session
	session, err := h.repo.CreateUserSession(r.Context(), repository.CreateUserSessionParams{
		UserID:         user.ID,
		SessionType:    "user",
		ExpiresAt:      &refresh.ExpiresAt,
		LastActive:     nil,
		IpAddress:      &ipAddr,
		UserAgent:      &userAgent,
		AccessTokenID:  &access.ID,
		RefreshTokenID: &refresh.ID,
		DeviceInfo:     deviceInfo,
	})
	if err != nil {
		log.Printf("ERR: Failed to create user session after logging in: %v\n", err)
	}

	log.Printf("INFO: User session created for '%s' with '%s' id\n", user.Email, session.ID.String())

	if err := h.repo.UpdateLastLogin(r.Context(), user.ID); err != nil {
		web.Error(w, "failed to update user's last login", http.StatusInternalServerError)
		return
	}

	encoder := json.NewEncoder(w)

	type Response struct {
		AccessToken  string `json:"access"`
		RefreshToken string `json:"refresh"`
		// fields required for UI in account selector, e.g. email, full name and avatar
		FullName       string  `json:"full_name"`
		Email          string  `json:"email"`
		Id             string  `json:"id"`
		ProfilePicture *string `json:"profile_picture"`
		// Avatar
	}

	w.Header().Set("Content-Type", "application/json")

	if err := encoder.Encode(Response{
		AccessToken:    access.Token,
		RefreshToken:   refresh.Token,
		FullName:       user.FullName,
		Email:          user.Email,
		Id:             user.ID.String(),
		ProfilePicture: user.ProfilePicture,
		// Avatar
	}); err != nil {
		web.Error(w, "failed to encode response", http.StatusInternalServerError)
	}
}