package controllers

import (
	"multitenantStack/models"
	companydb "multitenantStack/services/companydbservice"

	jwtservice "multitenantStack/services/jwtservice"
	"time"

	"github.com/astaxie/beego/orm"
	jwt "github.com/dgrijalva/jwt-go"
)

// AuthController operations for Auth
type AuthController struct {
	BaseController
}

// URLMapping ...
func (c *AuthController) URLMapping() {
	// This block is used to drastically speed up the annotation -> lookup process
	c.Mapping("Login", c.Login)
	c.Mapping("GetOne", c.GetOne)
	c.Mapping("GetAll", c.GetAll)
	c.Mapping("Put", c.Put)
	c.Mapping("Delete", c.Delete)
}

// Login Get a JWT token for the user
// @Title Create
// @Description create Auth
// @Param	body		body 	models.Auth	true		"body for Auth content"
// @Success 201 {object} models.Auth
// @Failure 403 body is empty
// @router /login [post]
func (c *AuthController) Login() {

	type AuthResponse struct {
		Status int
		Jwt    string
	}

	if c.Ctx.Input.Method() != "POST" {
		c.ServeJSONError("Method not allowed")
		return
	}

	tokenHeader := c.Ctx.Request.Header.Get("X-JWTtoken")
	if tokenHeader != "" {
		valid, _ := jwtservice.Validate(tokenHeader)
		if valid {
			c.ServeJSONError("You are already logged in")
			return
		}
	}

	email := c.GetString("email")
	password := c.GetString("password")

	if email == "" || password == "" {
		c.ServeJSONError("Email/Password missing")
		return
	}
	/*
		systemdb := companydb.GetSystemDatabase()

		if systemdb == nil {
			c.ServeJSONError("Error retrieving User")
			return
		}
		o, err := orm.NewOrmWithDB("postgres", "default", systemdb)
		if err != nil {
			c.ServeJSONError("Error retrieving User")
			return
		}
	*/
	o := orm.NewOrm()
	o.Using("system") //TODO: Replace this with something cleverer (manager) once implemented

	userCompanyMapping, err := models.GetUserCompanyMapByEmail(o, email)
	if err != nil {
		c.ServeJSONError("Error retrieving User")
		return
	}

	if password != userCompanyMapping.PasswordHash { // TODO: Hash me
		c.ServeJSONError("Email/Password incorrect")
		return
	}

	companyName := userCompanyMapping.Company
	companyUserID := userCompanyMapping.CompanyUserID

	db, err := companydb.GetDatabaseWithName(companyName)
	if err != nil {
		c.ServeJSONError("Error retrieving Company")
		return
	}

	o, err = orm.NewOrmWithDB("postgres", "default", db)
	if err != nil {
		c.ServeJSONError("Error retrieving CompanyData")
		return
	}

	companyUser, err := models.GetCompanyUserById(o, int(companyUserID))
	if err != nil {
		c.ServeJSONError("Error retrieving Company User")
		return
	}

	//TODO: if found query the company database to get roleID, and name

	name := companyUser.Name
	roleID := companyUser.Role

	tokenString := ""
	if email == "admin@admin.at" && password == "my password" {
		// The jwtClaims are our trusted clientside session
		tokenString = jwtservice.CreateToken(jwt.MapClaims{
			"email":         email,
			"companyName":   companyName,
			"companyUserID": companyUserID,
			"name":          name,
			"roleID":        roleID,
			"exp":           time.Now().Unix() + 3600,
		})
	} else {
		c.ServeJSONError("Invalid user/password")
		return
	}

	json := AuthResponse{200, tokenString}
	c.Data["json"] = &json

	c.ServeJSON()
}

// GetOne ...
// @Title GetOne
// @Description get Auth by id
// @Param	id		path 	string	true		"The key for staticblock"
// @Success 200 {object} models.Auth
// @Failure 403 :id is empty
// @router /:id [get]
func (c *AuthController) GetOne() {

}

// GetAll ...
// @Title GetAll
// @Description get Auth
// @Param	query	query	string	false	"Filter. e.g. col1:v1,col2:v2 ..."
// @Param	fields	query	string	false	"Fields returned. e.g. col1,col2 ..."
// @Param	sortby	query	string	false	"Sorted-by fields. e.g. col1,col2 ..."
// @Param	order	query	string	false	"Order corresponding to each sortby field, if single value, apply to all sortby fields. e.g. desc,asc ..."
// @Param	limit	query	string	false	"Limit the size of result set. Must be an integer"
// @Param	offset	query	string	false	"Start position of result set. Must be an integer"
// @Success 200 {object} models.Auth
// @Failure 403
// @router / [get]
func (c *AuthController) GetAll() {

}

// Put ...
// @Title Put
// @Description update the Auth
// @Param	id		path 	string	true		"The id you want to update"
// @Param	body		body 	models.Auth	true		"body for Auth content"
// @Success 200 {object} models.Auth
// @Failure 403 :id is not int
// @router /:id [put]
func (c *AuthController) Put() {

}

// Delete ...
// @Title Delete
// @Description delete the Auth
// @Param	id		path 	string	true		"The id you want to delete"
// @Success 200 {string} delete success!
// @Failure 403 id is empty
// @router /:id [delete]
func (c *AuthController) Delete() {

}