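import { createHash, timingSafeEqual } from 'node:crypto';

import jwt from 'jsonwebtoken';

import config from '../../config.json' with {type: "json"};
import GroupService from '../services/group.js';
import UserService from '../services/user.js';
import customError from '../response/customError.js';
import responseCodes from '../response/responseCodes.js';

const TAG = "/middlewares/auth.js";

// Every middleware below reports failure by throwing from an async function.
// NOTE(review): that only reaches the error handler if the router forwards
// rejected promises (or the routes are wrapped) — not visible in this file.

/**
 * Extracts the token from the Authorization header and verifies its signature.
 *
 * Identity must only ever be read from the value returned here: jwt.decode()
 * parses a token without checking the signature, so claims obtained that way
 * are attacker-controlled.
 *
 * @param {object} req - Incoming request; only `req.headers.authorization` is read.
 * @param {string} caller - Middleware name, used as the error message prefix.
 * @returns {object} Verified token payload, guaranteed to carry a `login` object.
 * @throws {customError} authentication.not_found when the header or token is
 *   missing, authentication.invalid when verification fails or the payload has
 *   no `login` object.
 */
const verifiedClaims = (req, caller) => {
  const header = req.headers.authorization;
  if (typeof header !== 'string' || header === '') {
    throw new customError(`${caller} no authorization header`, responseCodes.responses.authentication.not_found);
  }

  // Same extraction as before: second space-separated field ("<scheme> <token>").
  const token = header.split(' ')[1];
  if (!token) {
    throw new customError(`${caller} no authorization token in header`, responseCodes.responses.authentication.not_found);
  }

  let claims;
  try {
    // jwt.verify() throws on a bad signature, expiry or malformed token; it
    // never returns a falsy value, so the failure has to be caught here.
    // NOTE(review): consider passing `{ algorithms: [...] }` pinned to the
    // algorithm used when the token is signed — the signing code is not visible here.
    claims = jwt.verify(token, config.secret);
  } catch {
    throw new customError(`${caller} token is invalid`, responseCodes.responses.authentication.invalid);
  }

  if (claims === null || typeof claims !== 'object' || claims.login === null || typeof claims.login !== 'object') {
    throw new customError(`${caller} token is invalid`, responseCodes.responses.authentication.invalid);
  }
  return claims;
};

/**
 * Compares two secrets without leaking, through timing, how many leading
 * characters match. Anything that is not a string never matches.
 *
 * @param {unknown} stored - Value loaded from storage.
 * @param {unknown} supplied - Value taken from the request.
 * @returns {boolean} True only when both are strings with identical content.
 */
const secretsMatch = (stored, supplied) => {
  if (typeof stored !== 'string' || typeof supplied !== 'string') {
    return false;
  }
  // Digests are used only to obtain equal-length buffers for timingSafeEqual;
  // this is not a password-storage scheme.
  const storedDigest = createHash('sha256').update(stored).digest();
  const suppliedDigest = createHash('sha256').update(supplied).digest();
  return timingSafeEqual(storedDigest, suppliedDigest);
};

/**
 * Rejects requests whose body carries no `username`.
 *
 * @throws {customError} usernames.required
 */
const requireUsername = async (req, res, next) => {
  // Return here: without it the preflight fell through and next() ran twice
  // or the checks below threw after the chain had already continued.
  if (req.method === "OPTIONS") return next();

  const { username } = req.body ?? {};
  if (!username) {
    throw new customError(`requireUsername username is required`, responseCodes.responses.usernames.required);
  }
  next();
};

/**
 * Rejects requests whose body carries no `password`.
 *
 * @throws {customError} passwords.required
 */
const requirePassword = async (req, res, next) => {
  if (req.method === "OPTIONS") return next();

  const { password } = req.body ?? {};
  if (!password) {
    throw new customError(`requirePassword password is required`, responseCodes.responses.passwords.required);
  }
  next();
};

/**
 * Requires a valid signed token and looks the token's user up.
 *
 * The signature is checked before any claim is used; previously the username
 * from an unverified token was sent to UserService first.
 *
 * @throws {customError} authentication.not_found or authentication.invalid
 */
const authenticate = async (req, res, next) => {
  if (req.method === "OPTIONS") return next();

  const claims = verifiedClaims(req, 'authenticate');

  // The result is unused, as in the original.
  // NOTE(review): presumably getByUsername rejects for an unknown user, which
  // is what would block tokens of deleted accounts — confirm in UserService.
  await UserService.getByUsername(claims.login.username);
  next();
};

/**
 * Allows the request only when the token's user is the admin of
 * `req.params.groupId`.
 *
 * The token is verified here as well, so the check does not depend on
 * `authenticate` having run earlier in the chain.
 *
 * @throws {customError} authentication.* for token problems,
 *   groups.not_an_owner otherwise
 */
const authorizeGroupOwner = async (req, res, next) => {
  if (req.method === "OPTIONS") return next();

  const claims = verifiedClaims(req, 'authorizeGroupOwner');
  const { groupId } = req.params;
  const adminId = await GroupService.getAdminId(groupId);
  const userId = claims.login.id;

  // Fail closed when either side is missing: with the old loose `!=`, an
  // absent id compared against a null admin id counted as a match.
  // String() keeps number/string ids comparable as before.
  if (userId == null || adminId == null || String(userId) !== String(adminId)) {
    throw new customError(`authorizeGroupOwner not an owner`, responseCodes.responses.groups.not_an_owner);
  }
  next();
};

/**
 * Checks the `password` in the request body against the password of
 * `req.params.groupId`.
 *
 * Behavior change: a non-string on either side (including a group with no
 * stored password) is now rejected instead of being loosely compared.
 * NOTE(review): confirm no route relies on password-less groups.
 * NOTE(review): comparing against the value GroupService returns suggests the
 * group password is stored in recoverable form; a salted hash (for example
 * scrypt from node:crypto) would be preferable — confirm in GroupService.
 *
 * @throws {customError} passwords.invalid
 */
const checkGroupPassword = async (req, res, next) => {
  if (req.method === "OPTIONS") return next();

  const { groupId } = req.params;
  const { password } = req.body ?? {};
  const groupPassword = await GroupService.getPassword(groupId);
  if (!secretsMatch(groupPassword, password)) {
    throw new customError(`checkGroupPassword password is invalid`, responseCodes.responses.passwords.invalid);
  }
  next();
};

/**
 * Allows the request only when the token's user is a member of the group.
 *
 * @throws {customError} authentication.* for token problems,
 *   groups.not_a_member otherwise
 */
const userIsInGroup = async (req, res, next) => {
  if (req.method === "OPTIONS") return next();

  // NOTE(review): the body value wins over the route parameter. If a handler
  // behind this check acts on req.params.groupId, a caller could pass the
  // check with one group and act on another — confirm both read the same field.
  const groupId = req.body?.groupId || req.params.groupId;
  const claims = verifiedClaims(req, 'userIsInGroup');
  if (!await UserService.isInGroup(claims.login.id, groupId)) {
    throw new customError(`userIsInGroup not a member`, responseCodes.responses.groups.not_a_member);
  }
  next();
};

export default { requireUsername, requirePassword, authenticate, authorizeGroupOwner, checkGroupPassword, userIsInGroup };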