package main

import (
	"log"
	"net/http"

	"golang.org/x/crypto/bcrypt"
)

func isMethodAllowed(response *http.ResponseWriter, request *http.Request) bool {
	if request.Method != http.MethodPost {
		http.Error(*response, "POST only", http.StatusMethodNotAllowed)
		return false
	}
	return true
}

func RegisterHandler(response http.ResponseWriter, request *http.Request) {
	if !isMethodAllowed(&response, request) {
		return
	}
	ctx := request.Context()
	username := request.FormValue("username")
	password := request.FormValue("password")

	if len(username) < 2 {
		http.Error(response, "short username", http.StatusBadRequest)
		return
	}
	if username == "server" {
		http.Error(response, "only server can use such name", http.StatusBadRequest)
	}
	if len(password) < 8 {
		http.Error(response, "short password", http.StatusBadRequest)
		return
	}

	if _, err := GetUserDataByName(ctx, username); err == nil {
		http.Error(response, "user already exists", http.StatusBadRequest)
		return
	}

	if _, err := AddNewUser(ctx, &User{username, password, "xxx", 0, false}); err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		log.Fatal(err)
		return
	}

	response.WriteHeader(http.StatusCreated)
	_, err := response.Write([]byte("registered"))
	if err != nil {
		http.Error(response, "internal server error", http.StatusInternalServerError)
		return
	}
}

func LoginHandler(response http.ResponseWriter, request *http.Request) {
	if !isMethodAllowed(&response, request) {
		return
	}
	ctx := request.Context()
	username := request.FormValue("username")
	password := request.FormValue("password")

	respondBadLogin := func() {
		http.Error(response, "bad login", http.StatusConflict)
	}

	if len(username) < 2 {
		respondBadLogin()
		return
	}

	user, err := GetUserDataByName(ctx, username)
	if err != nil {
		respondBadLogin()
		return
	}

	if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) == nil {
		token, err := GetToken(user)
		if err != nil {
			respondBadLogin()
			return
		}

		if _, err = response.Write([]byte(token)); err != nil {
			return
		}
		return
	}
	respondBadLogin()
}

func CreateGroupHandler(response http.ResponseWriter, request *http.Request) {
	if !isMethodAllowed(&response, request) {
		return
	}
	var anyAuthDone bool = false
	var user User
	ctx := request.Context()
	username := request.FormValue("username")
	password := request.FormValue("password")
	token := request.FormValue("token")


	respondBadLogin := func() {
		http.Error(response, "bad login", http.StatusConflict)
	}

	if len(username) < 2 {
		respondBadLogin()
	}

	user, err := GetUserDataByName(ctx, username)
	if err != nil {
		respondBadLogin()
		return
	}

	if len(password) > 0 {
		if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) != nil {
			respondBadLogin()
			return
		}
		anyAuthDone = true
	} else if (len(token) > 0) {
		user, err := GetUserFromToken(token)
		if err != nil {
			respondBadLogin()
		}
	}

	CreateChatGroupWithoutMembers(ctx, &ChatGroup{
		Name:
	})
}