import { Router, RequestHandler, Request, Response } from 'express'

import * as configFunctions from '../helpers/functions.config.js'

import * as authenticationFunctions from '../helpers/functions.authentication.js'

import { useTestDatabases } from '../data/databasePaths.js'

import { getApiKey } from '../helpers/functions.api.js'

import Debug from 'debug'

import type * as recordTypes from '../types/recordTypes'

const debug = Debug('lot-occupancy-system:login')

export const router = Router()

function getHandler(request: Request, response: Response): void {
  const sessionCookieName = configFunctions.getProperty('session.cookieName')

  if (
    request.session.user !== undefined &&
    request.cookies[sessionCookieName] !== undefined
  ) {
    const redirectURL = authenticationFunctions.getSafeRedirectURL(
      (request.query.redirect ?? '') as string
    )

    response.redirect(redirectURL)
  } else {
    response.render('login', {
      userName: '',
      message: '',
      redirect: request.query.redirect,
      useTestDatabases
    })
  }
}

async function postHandler(
  request: Request,
  response: Response
): Promise<void> {
  const userName = (
    typeof request.body.userName === 'string' ? request.body.userName : ''
  ) as string

  const passwordPlain = (
    typeof request.body.password === 'string' ? request.body.password : ''
  ) as string

  const unsafeRedirectURL = request.body.redirect

  const redirectURL = authenticationFunctions.getSafeRedirectURL(
    typeof unsafeRedirectURL === 'string' ? unsafeRedirectURL : ''
  )

  let isAuthenticated = false

  if (userName.charAt(0) === '*') {
    if (useTestDatabases && userName === passwordPlain) {
      isAuthenticated = configFunctions
        .getProperty('users.testing')
        .includes(userName)

      if (isAuthenticated) {
        debug('Authenticated testing user: ' + userName)
      }
    }
  } else if (userName !== '' && passwordPlain !== '') {
    isAuthenticated = await authenticationFunctions.authenticate(
      userName,
      passwordPlain
    )
  }

  let userObject: recordTypes.User | undefined

  if (isAuthenticated) {
    const userNameLowerCase = userName.toLowerCase()

    const canLogin = configFunctions
      .getProperty('users.canLogin')
      .some((currentUserName) => {
        return userNameLowerCase === currentUserName.toLowerCase()
      })

    if (canLogin) {
      const canUpdate = configFunctions
        .getProperty('users.canUpdate')
        .some((currentUserName) => {
          return userNameLowerCase === currentUserName.toLowerCase()
        })

      const isAdmin = configFunctions
        .getProperty('users.isAdmin')
        .some((currentUserName) => {
          return userNameLowerCase === currentUserName.toLowerCase()
        })

      const apiKey = await getApiKey(userNameLowerCase)

      userObject = {
        userName: userNameLowerCase,
        userProperties: {
          canUpdate,
          isAdmin,
          apiKey
        }
      }
    }
  }

  if (isAuthenticated && userObject !== undefined) {
    request.session.user = userObject

    response.redirect(redirectURL)
  } else {
    response.render('login', {
      userName,
      message: 'Login Failed',
      redirect: redirectURL,
      useTestDatabases
    })
  }
}

router
  .route('/')
  .get(getHandler)
  .post(postHandler as RequestHandler)

export default router