package main

import (
	b64 "encoding/base64"
	"fmt"
	"net/http"
	"strings"

	"github.com/gin-gonic/gin"
)

func get_auth_handle(c *gin.Context, rtenv *RouteEnv) {
	id := c.Params.ByName(rtenv.Cfg.Routes["auth"].Param)
  pass := ""
	role := rtenv.Cfg.AdminRole
	tkn := "-"
	hasRole := false
	var err error
	if strings.Contains(id,rtenv.Cfg.AuthSep) {
		s := strings.Split(id,rtenv.Cfg.AuthSep)
		id = s[0]
		pasw,_ := b64.StdEncoding.DecodeString(s[1])
		pass = string(pasw)
	}
	mdlUsr, okmdl := rtenv.MdlsUsrs[id]
	data := &User{
		UserName: id,
		UUID: id, 
		Data: "",
		FirstName: "",
		LastName: "", 
	}
	if okmdl {
		if val, ok := rtenv.Users.Accounts[mdlUsr.User]; ok {
			if len(pass) == 0 {
				c.JSON(http.StatusOK, gin.H{"auth": "?"}) 
				return
			}
		  txtdata := ""	
			txtdata,err = decrypt(val.Passwd, string(CRYPTKEY))
			if txtdata != pass {
				c.JSON(http.StatusOK, gin.H{"auth": "?"}) 
				return
			}
		}
		hasRole,_ = rtenv.Enforcer.HasRoleForUser(mdlUsr.User, role)
		data.UserName = mdlUsr.User
		data.Data = mdlUsr.Data
		data.FirstName = id
		logRoute(c,rtenv,"auth",fmt.Sprintf("get %s %s", rtenv.Cfg.Routes["auth"].Path,id),fmt.Sprintf("get %s (%s %v) %s",mdlUsr.User,role,hasRole,tkn))
	} else {
		logRoute(c,rtenv,"auth",fmt.Sprintf("get %s %s", rtenv.Cfg.Routes["auth"].Path,id),fmt.Sprintf("get %s (%s %v) %s","-",role,hasRole,tkn))
	}
	if rtenv.Cfg.UseJWT {
		if rtenv.AuthMiddleware == nil {
			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to auth"})
			return
		}
		tkn,err = makeTokenString(rtenv,data)
		if err != nil {
			fmt.Printf("tkn err: %+v\n", err)
			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to auth"})
			return
		}
		fmt.Printf("tkn: %+v\n", tkn)
	}
	if rtenv.Cfg.UseJWT {
	  c.JSON(http.StatusOK, gin.H{"auth": tkn, "user": mdlUsr.User, "model": mdlUsr.Model, "data": mdlUsr.Data, "hasrole": hasRole})
	} else {
	  c.JSON(http.StatusOK, gin.H{"pass": pass, "user": mdlUsr.User, "model": mdlUsr.Model, "data": mdlUsr.Data, "hasrole": hasRole})
	}
}

func get_auth_refresh_handle(c *gin.Context, rtenv *RouteEnv) {
	// token,expire,err := refreshToken(c,rtenv,data interface{}) (string, time.Time, error) {
	claims, err := rtenv.AuthMiddleware.CheckIfTokenExpire(c)
	if err != nil {
		fmt.Printf("Error Refresh token: %v\n",err)
		c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is expire"})
		return
	}
	var tkn string
	data := &User{
		UserName: "",
		UUID: "", 
		Data: "",
		FirstName: "",
		LastName: "", 
	}
	fmt.Printf("Refresh token: %v\n",claims)
	if val, ok := claims["id"]; ok {
		data.UserName = fmt.Sprintf("%s",val)
	}
	if val, ok := claims["uuid"]; ok {
		data.UUID = fmt.Sprintf("%s",val)
	}
	if val, ok := claims["data"]; ok {
		data.Data = fmt.Sprintf("%s",val)
	}
	tkn,err = makeTokenString(rtenv,data)
	if err != nil {
		fmt.Printf("tkn err: %+v\n", err)
		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to auth"})
		return
	}
	fmt.Printf("tkn: %+v\n", tkn)
	c.JSON(http.StatusOK, gin.H{"auth": tkn, "user": data.UserName, "uuid": data.UUID, "data": data.Data })
}