package com.displaynone.acss.components.auth;

import com.displaynone.acss.components.auth.internal_utils.JWTUtils;
import com.displaynone.acss.components.auth.models.AuthTokenPair;
import com.displaynone.acss.components.auth.models.user.UserModel;
import com.displaynone.acss.components.auth.models.user.service.UserService;
import com.displaynone.acss.exception.generics.UnauthorizedHTTPException;
import com.displaynone.acss.utils.Pair;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.lang.NonNull;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;

import java.util.Optional;

@Component
@RequiredArgsConstructor
public class AuthComponent implements UserDetailsService {
    private JWTUtils jwtUtils;
    private final UserService userService;
    private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();

    @Autowired
    public AuthComponent(JWTUtils jwtUtils, UserService userService) {
        this.jwtUtils = jwtUtils;
        this.userService = userService;
    }

    public AuthTokenPair _generateTokenPair(@NonNull UserDetails user) {
        String accessToken = jwtUtils.generateAccessToken(user);
        String refreshToken = jwtUtils.generateRefreshToken(user);

        return new AuthTokenPair(accessToken, refreshToken);
    }

    public Optional<UserModel> getUserByLogin(@NonNull String login) {
        return userService.findByLogin(login);
    }

    public UserModel getUserByLoginStrict(@NonNull String login) {
        return userService.findByLoginStrict(login);
    }

    public UsernamePasswordAuthenticationToken authenticateByAccessToken(@NonNull String accessToken) {
        if (!jwtUtils.validateToken(accessToken)) throw new UnauthorizedHTTPException("Invalid access token");

        String username = jwtUtils.getLogin(accessToken);
        UserModel userModel = getUserByLoginStrict(username);

        return new UsernamePasswordAuthenticationToken(userModel, null, userModel.getAuthorities());
    }

    public AuthTokenPair refresh(@NonNull String refreshToken) {
        if (!jwtUtils.validateToken(refreshToken)) throw new UnauthorizedHTTPException("Invalid refresh token");

        String login = jwtUtils.getLogin(refreshToken);
        UserModel userModel = getUserByLoginStrict(login);

        return _generateTokenPair(userModel);
    }

    public Pair<UserModel, AuthTokenPair> authenticate(@NonNull String login, @NonNull String password) {
        UserModel userModel = userService.findByLoginStrict(login);
        if (passwordEncoder.matches(password, userModel.getPassword())) return Pair.of(userModel, authenticate(userModel));
        throw new UnauthorizedHTTPException("Wrong auth credentials");
    }

    public AuthTokenPair authenticate(@NonNull UserDetails user) {
        return _generateTokenPair(user);
    }

    @Override
    public UserDetails loadUserByUsername(@NonNull String username) throws UsernameNotFoundException {
        return getUserByLoginStrict(username);
    }

    public void updateUserByLogin(String login, UserModel userUpdated) {
        userService.updateUserByLogin(login, userUpdated);
    }
}