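package com.ufund.api.ufundapi.service;

import java.io.IOException;

import org.springframework.stereotype.Component;

import com.ufund.api.ufundapi.model.User;
import com.ufund.api.ufundapi.model.UserAuth;
import com.ufund.api.ufundapi.persistence.UserAuthDAO;

/**
 * Issues, checks and revokes the API keys that clients present after logging in.
 *
 * <p>Every check in this class fails closed: a key that cannot be tied to an
 * existing user is rejected with {@link IllegalAccessException}.
 */
@Component
public class AuthService {
    /** Single message for every "this key identifies nobody" outcome, so the reason is not disclosed. */
    private static final String INVALID_KEY_MESSAGE = "Invalid authentication key";

    private final UserAuthDAO userAuthDAO;
    private final UserService userService;

    /**
     * Creates the service.
     *
     * @param userAuthDAO Store of the API keys that are currently valid.
     * @param userService Lookup for the user accounts the keys belong to.
     */
    public AuthService(UserAuthDAO userAuthDAO, UserService userService) {
        this.userAuthDAO = userAuthDAO;
        this.userService = userService;
    }

    /**
     * Check if the provided key has access to the provided user.
     *
     * <p>Access is granted when the key belongs to {@code targetUsername} itself, or when
     * the key's owner has type {@link User.UserType#MANAGER}.
     *
     * @param targetUsername The username of the user trying to be accessed.
     * @param key The API key obtained by the client from logging in.
     * @throws IllegalAccessException Thrown if access was denied to the user: the key is
     *         missing or unknown, its owner no longer exists, or the owner is neither the
     *         target user nor a manager.
     * @throws IOException If the key or its owner could not be loaded.
     */
    public void authenticate(String targetUsername, String key) throws IllegalAccessException, IOException {
        // A missing key can never identify a session; reject it before touching the store.
        if (key == null) {
            throw new IllegalAccessException(INVALID_KEY_MESSAGE);
        }

        var userAuth = userAuthDAO.getUserAuth(key);
        if (userAuth == null) {
            throw new IllegalAccessException(INVALID_KEY_MESSAGE);
        }

        var username = userAuth.getUsername();
        var owner = userService.getUser(username);
        // login() shows getUser can return null. A key whose owner is gone must be denied
        // as an authorization failure instead of surfacing as a NullPointerException.
        if (owner == null) {
            throw new IllegalAccessException(INVALID_KEY_MESSAGE);
        }

        if (!username.equals(targetUsername) && owner.getType() != User.UserType.MANAGER) {
            throw new IllegalAccessException("Provided key does not grant access to perform the requested operation");
        }
    }

    /**
     * Check that the provided key is a known API key, without tying it to a particular user.
     *
     * <p>This only proves the caller is logged in; it performs no ownership or role check.
     * Operations on a specific user's data need
     * {@link #authenticate(String, String)} instead.
     *
     * @param key The API key obtained by the client from logging in.
     * @throws IllegalAccessException Thrown if the key is missing or unknown.
     * @throws IOException If the key could not be loaded.
     */
    public void authenticate(String key) throws IOException, IllegalAccessException {
        if (key == null) {
            throw new IllegalAccessException(INVALID_KEY_MESSAGE);
        }

        var userAuth = userAuthDAO.getUserAuth(key);
        if (userAuth == null) {
            throw new IllegalAccessException(INVALID_KEY_MESSAGE);
        }
    }

    /**
     * Attempt to log in with the provided credentials.
     *
     * @param username The username of the user
     * @param password The password of the user
     * @return An API key if the authentication was successful.
     * @throws IllegalAccessException Thrown if the username or password was incorrect
     * @throws IOException If there was an issue saving the authentication
     */
    public String login(String username, String password) throws IllegalAccessException, IOException {
        var usr = userService.getUser(username);
        // One message for "no such user" and "wrong password", so the response does not
        // reveal which usernames exist.
        if (usr == null || !usr.verifyPassword(password)) {
            throw new IllegalAccessException("Incorrect username or password");
        }

        // NOTE(review): key strength and lifetime are decided by UserAuth.generate and
        // UserAuthDAO, which are not visible here - confirm keys are unpredictable and expire.
        var userAuth = UserAuth.generate(username);
        userAuthDAO.addUserAuth(userAuth);
        return userAuth.getKey();
    }

    /**
     * Logs out the current user by removing their API key from the store.
     *
     * @param key The API key of the client
     * @throws IOException Thrown if there was an error saving the authentication
     */
    public void logout(String key) throws IOException {
        userAuthDAO.removeUserAuth(key);
    }
}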