/*
	Copyright (C) 2025  hexlocation (hex@iwakura.rip) & grngxd (grng@iwakura.rip)

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.
*/

package routes

import (
	"errors"
	"fmt"
	"net/http"
	"time"

	"github.com/gin-gonic/gin"
	"github.com/golang-jwt/jwt/v5"
	"stereo.cat/backend/internal/auth"
	"stereo.cat/backend/internal/auth/session"
	"stereo.cat/backend/internal/auth/ukey"
	"stereo.cat/backend/internal/types"
)

func RegisterAuthRoutes(cfg *types.StereoConfig, api *gin.RouterGroup) {
	api.GET("/auth/callback", func(c *gin.Context) {
		code := c.Query("code")

		t, err := cfg.Client.ExchangeCode(code)

		if err != nil {
			panic(err)
		}

		user, err := cfg.Client.GetUser(t)

		if err != nil {
			panic(err)
		}

		jwt, err := session.GenerateSessionJWT(cfg.JWTSecret, user, uint64(time.Now().Add(time.Second*time.Duration(t.ExpiresIn)).Unix()))

		if err != nil {
			panic(err)
		}

		res := cfg.Database.FirstOrCreate(&user)

		if res.Error != nil {
			panic(res.Error)
		}

		// TODO: redirect to dashboard
		/*c.JSON(http.StatusOK, gin.H{
			"jwt":   jwt,
			"known": res.RowsAffected == 0,
		})
		*/
		c.SetCookie("jwt", jwt, int(t.ExpiresIn), "", cfg.Domain, true, true)
		c.Redirect(http.StatusTemporaryRedirect, cfg.FrontendUri+"?jwt_set=true")
	})

	api.GET("/auth/me", session.SessionMiddleware(cfg.JWTSecret), func(c *gin.Context) {
		claims := c.MustGet("claims")
		c.JSON(http.StatusOK, claims)
	})

	// Generate an API key (automatically revokes previous api key too since a user can only have one api key bound to their db entry at a given time)
	api.GET("/auth/key", session.SessionMiddleware(cfg.JWTSecret), func(c *gin.Context) {
		claims := c.MustGet("claims").(jwt.MapClaims)

		user, ok := claims["user"].(auth.User)
		if !ok {
			types.ErrorUserNotFound.Throw(c, errors.New(fmt.Sprintf("got data with type %T but wanted claims.User", claims["user"])))
			return
		}

		key := ukey.GenerateUploadKey(cfg, &user, c)

		if key == nil {
			return
		}

		c.JSON(http.StatusOK, gin.H{
			"success": true,
			"key":     key,
		})
	})
}