package signinHandler

import (
	"errors"
	"github.com/a-h/templ"
	"github.com/fossyy/filekeeper/db"
	totpHandler "github.com/fossyy/filekeeper/handler/auth/totp"
	"net/http"
	"strings"
	"time"

	"github.com/fossyy/filekeeper/logger"
	"github.com/fossyy/filekeeper/session"
	"github.com/fossyy/filekeeper/types"
	"github.com/fossyy/filekeeper/utils"
	signinView "github.com/fossyy/filekeeper/view/signin"
)

var log *logger.AggregatedLogger
var errorMessages = make(map[string]string)

func init() {

}

func init() {
	errorMessages = map[string]string{
		"redirect_uri_mismatch":      "The redirect URI provided does not match the one registered with our service. Please contact the administrator for assistance.",
		"invalid_request":            "The request is missing required parameters or has invalid values. Please try again or contact support for assistance.",
		"access_denied":              "Access was denied. You may have declined the request for permission. Please try again if you wish to grant access.",
		"unauthorized_client":        "You are not authorized to make this request. Please contact support for further assistance.",
		"unsupported_response_type":  "The requested response type is not supported. Please try again with a supported response type.",
		"invalid_scope":              "The requested scope is invalid or unknown. Please try again or contact support for assistance.",
		"server_error":               "Our server encountered an unexpected error. Please try again later or contact support for assistance.",
		"temporarily_unavailable":    "Our server is currently undergoing maintenance. Please try again later.",
		"invalid_grant":              "The authorization code or refresh token provided is invalid. Please try again or contact support for assistance.",
		"invalid_client":             "The client identifier provided is invalid. Please check your credentials and try again.",
		"invalid_token":              "The access token provided is invalid. Please try again or contact support for assistance.",
		"insufficient_scope":         "You do not have sufficient privileges to perform this action. Please contact support for assistance.",
		"interaction_required":       "Interaction with the authorization server is required. Please try again.",
		"login_required":             "You need to log in again to proceed. Please try logging in again.",
		"account_selection_required": "Please select an account to proceed with the request.",
		"consent_required":           "Consent is required to proceed. Please provide consent to continue.",
	}
	log = logger.Logger()
}

func GET(w http.ResponseWriter, r *http.Request) {
	var component templ.Component
	if err := r.URL.Query().Get("error"); err != "" {
		message, ok := errorMessages[err]
		if !ok {
			message = "Unknown error occurred. Please contact support at bagas@fossy.my.id for assistance."
		}

		component = signinView.Main("Sign in Page", types.Message{
			Code:    0,
			Message: message,
		})
	} else {
		component = signinView.Main("Filekeeper - Sign in Page", types.Message{
			Code:    3,
			Message: "",
		})
	}

	err := component.Render(r.Context(), w)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		log.Error(err.Error())
		return
	}
}

func POST(w http.ResponseWriter, r *http.Request) {
	err := r.ParseForm()
	if err != nil {
		http.Error(w, "Error parsing form", http.StatusBadRequest)
		log.Error(err.Error())
		return
	}
	email := r.Form.Get("email")
	password := r.Form.Get("password")
	userData, err := db.DB.GetUser(email)
	if err != nil {
		component := signinView.Main("Filekeeper - Sign in Page", types.Message{
			Code:    0,
			Message: "Incorrect Username or Password",
		})
		log.Error(err.Error())
		err = component.Render(r.Context(), w)
		if err != nil {
			w.WriteHeader(http.StatusInternalServerError)
			log.Error(err.Error())
			return
		}
		return
	}

	if email == userData.Email && utils.CheckPasswordHash(password, userData.Password) {
		if userData.Totp != "" {
			id := utils.GenerateRandomString(32)
			totpHandler.TotpInfoList[id] = &totpHandler.TotpInfo{
				ID:         id,
				UserID:     userData.UserID,
				Secret:     userData.Totp,
				Email:      userData.Email,
				Username:   userData.Username,
				CreateTime: time.Now(),
			}
			http.Redirect(w, r, "/auth/totp/"+id, http.StatusSeeOther)
			return
		}

		storeSession := session.Create()
		storeSession.Values["user"] = types.User{
			UserID:        userData.UserID,
			Email:         email,
			Username:      userData.Username,
			Authenticated: true,
		}

		userAgent := r.Header.Get("User-Agent")
		browserInfo, osInfo := ParseUserAgent(userAgent)

		sessionInfo := session.SessionInfo{
			SessionID: storeSession.ID,
			Browser:   browserInfo["browser"],
			Version:   browserInfo["version"],
			OS:        osInfo["os"],
			OSVersion: osInfo["version"],
			IP:        utils.ClientIP(r),
			Location:  "Indonesia",
		}

		storeSession.Save(w)
		session.AddSessionInfo(email, &sessionInfo)

		cookie, err := r.Cookie("redirect")
		if errors.Is(err, http.ErrNoCookie) {
			http.Redirect(w, r, "/", http.StatusSeeOther)
			return
		}
		http.SetCookie(w, &http.Cookie{
			Name:   "redirect",
			MaxAge: -1,
		})
		http.Redirect(w, r, cookie.Value, http.StatusSeeOther)
		return
	}
	component := signinView.Main("Filekeeper - Sign in Page", types.Message{
		Code:    0,
		Message: "Incorrect Username or Password",
	})
	err = component.Render(r.Context(), w)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		log.Error(err.Error())
		return
	}
}

func ParseUserAgent(userAgent string) (map[string]string, map[string]string) {
	browserInfo := make(map[string]string)
	osInfo := make(map[string]string)
	if strings.Contains(userAgent, "Firefox") {
		browserInfo["browser"] = "Firefox"
		parts := strings.Split(userAgent, "Firefox/")
		if len(parts) > 1 {
			version := strings.Split(parts[1], " ")[0]
			browserInfo["version"] = version
		}
	} else if strings.Contains(userAgent, "Chrome") {
		browserInfo["browser"] = "Chrome"
		parts := strings.Split(userAgent, "Chrome/")
		if len(parts) > 1 {
			version := strings.Split(parts[1], " ")[0]
			browserInfo["version"] = version
		}
	} else {
		browserInfo["browser"] = "Unknown"
		browserInfo["version"] = "Unknown"
	}

	if strings.Contains(userAgent, "Windows") {
		osInfo["os"] = "Windows"
		parts := strings.Split(userAgent, "Windows ")
		if len(parts) > 1 {
			version := strings.Split(parts[1], ";")[0]
			osInfo["version"] = version
		}
	} else if strings.Contains(userAgent, "Macintosh") {
		osInfo["os"] = "Mac OS"
		parts := strings.Split(userAgent, "Mac OS X ")
		if len(parts) > 1 {
			version := strings.Split(parts[1], ";")[0]
			osInfo["version"] = version
		}
	} else if strings.Contains(userAgent, "Linux") {
		osInfo["os"] = "Linux"
		osInfo["version"] = "Unknown"
	} else if strings.Contains(userAgent, "Android") {
		osInfo["os"] = "Android"
		parts := strings.Split(userAgent, "Android ")
		if len(parts) > 1 {
			version := strings.Split(parts[1], ";")[0]
			osInfo["version"] = version
		}
	} else if strings.Contains(userAgent, "iPhone") || strings.Contains(userAgent, "iPad") || strings.Contains(userAgent, "iPod") {
		osInfo["os"] = "iOS"
		parts := strings.Split(userAgent, "OS ")
		if len(parts) > 1 {
			version := strings.Split(parts[1], " ")[0]
			osInfo["version"] = version
		}
	} else {
		osInfo["os"] = "Unknown"
		osInfo["version"] = "Unknown"
	}

	return browserInfo, osInfo
}