/*
 * Copyright (C) 2008-2017, Juick
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
package com.juick.www.controllers;

import com.juick.server.util.HttpBadRequestException;
import com.juick.server.util.HttpForbiddenException;
import com.juick.server.util.UserUtils;
import com.juick.service.CrosspostService;
import com.juick.service.MessengerService;
import com.juick.service.UserService;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;

import javax.inject.Inject;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;

/**
 *
 * @author Ugnich Anton
 */
@Controller
public class SignUp {

    @Inject
    private UserService userService;
    @Inject
    private CrosspostService crosspostService;
    @Inject
    private MessengerService messengerService;


    @GetMapping("/signup")
    protected String doGet(@RequestParam String type, @RequestParam String hash, ModelMap model) {
        com.juick.User visitor = UserUtils.getCurrentUser();

        if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$")
                || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
            throw new HttpBadRequestException();
        }

        String account = null;
        switch (type) {
            case "fb":
                account = crosspostService.getFacebookNameByHash(hash);
                break;
            case "vk":
                account = crosspostService.getVKNameByHash(hash);
                break;
            case "xmpp":
                account = crosspostService.getJIDByHash(hash);
                break;
            case "durov":
                account = crosspostService.getTelegramNameByHash(hash);
                break;
            case "messenger":
                account = messengerService.getDisplayName(hash);
                break;
        }
        if (account == null) {
            throw new HttpBadRequestException();
        }

        model.addAttribute("title", "Новый пользователь");
        model.addAttribute("visitor", visitor);
        model.addAttribute("account", account);
        model.addAttribute("type", type);
        model.addAttribute("hash", hash);
        return "views/signup";
    }

    @PostMapping("/signup")
    protected String doPost(
            HttpServletResponse response,
            @RequestParam String type,
            @RequestParam String hash,
            @RequestParam String action,
            @RequestParam(required = false) String username,
            @RequestParam(required = false) String password) {
        com.juick.User visitor = UserUtils.getCurrentUser();
        int uid = 0;

        if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
            throw new HttpBadRequestException();
        }

        if (action.charAt(0) == 'l') {

            if (visitor.isAnonymous()) {
                if (username.length() > 32) {
                    throw new HttpBadRequestException();
                }
                uid = userService.checkPassword(username, password);
            } else {
                uid = visitor.getUid();
            }

            if (uid <= 0) {
                throw new HttpForbiddenException();
            }

            if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, uid))
                    && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, uid))
                    && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, uid))
                    && !(type.charAt(0) == 'x' && crosspostService.setJIDUser(hash, uid))
                    && !(type.charAt(0) == 'm' && messengerService.linkMessengerUser(hash, uid))) {
                throw new HttpBadRequestException();
            }

        } else { // Create new account
            if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) {
                throw new HttpBadRequestException();
            }

            // CHECK USERNAME

            uid = userService.createUser(username, password);
            if (uid <= 0) {
                throw new HttpBadRequestException();
            }

            if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, uid))
                    && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, uid))
                    && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, uid))
                    && !(type.charAt(0) == 'x' && crosspostService.setJIDUser(hash, uid))
                    && !(type.charAt(0) == 'm' && messengerService.linkMessengerUser(hash, uid))) {
                throw new HttpBadRequestException();
            }
        }

        if (visitor.isAnonymous()) {
            hash = userService.getHashByUID(uid);
            Cookie c = new Cookie("hash", hash);
            c.setMaxAge(365 * 24 * 60 * 60);
            response.addCookie(c);
        }
        return "redirect:/";
    }
}