use sha2::{Sha256, Digest};
use rand::{prelude::Rng, distributions::Alphanumeric };
use oracle::{Connection, Error};
use log::{info, warn, error};
use actix_identity::Identity;
use actix_web::{web, Responder, HttpRequest, HttpMessage, HttpResponse, cookie};
use serde::{Deserialize, Serialize};
use crate::config::{ORACLE_USER, ORACLE_PASS, ORACLE_CON_STR};

static SALT_LEN: usize = 16;

#[derive(Deserialize, Serialize, Debug, Default)]
pub struct Entry {
    net_id: String,
    password: String
}

#[derive(Deserialize, Serialize, Debug, Default)]
pub struct User {
    id: String,
    first_name: String,
    last_name: String
}

#[derive(Deserialize, Serialize, Debug, Default)]
pub struct NewUser {
    net_id: String, 
    password: String,
    first_name: String,
    last_name: String
}


pub async fn login(request: HttpRequest, body: web::Json<Entry>) -> impl Responder {
    //TODO: finish login, for now will simply login for everyone
    let net_id: &str = body.net_id.as_str();
    let password: &str = body.password.as_str();
    
    //Identity::login(&request.extensions(), "User1".into());
    println!("{:?}", request);
    println!("{:?}", body);
    match authenticate(net_id, password) {
        Some(user) => {
            let id = Identity::login(&request.extensions(), net_id.into()).unwrap();
            web::Json(user);
            HttpResponse::Ok()
        },
        None => {
            web::Json(User::default());
            HttpResponse::Unauthorized()
        }
    }
}

pub async fn logout(user: Identity) -> impl Responder {
    user.logout();
    HttpResponse::Ok()
}

pub async fn signup(request: HttpRequest, body: web::Json<NewUser>) -> impl Responder {
    let body = body.into_inner();

    match create_user(body.net_id.as_str(), body.password.as_str(), body.first_name.as_str(), body.last_name.as_str()) {
        Ok(_) => {
            Identity::login(&request.extensions(), body.net_id.clone()).unwrap();
            web::Json(User { id: body.net_id, first_name: body.first_name, last_name: body.last_name});
            HttpResponse::Ok()
        }
        Err(e) => {
            error!("Error creating new user: {}", e);
            HttpResponse::InternalServerError()
        }
    }

}

fn authenticate(username: &str, password: &str) -> Option<User> {
    
    info!("Authenticating user: {}", username);

    let conn = match Connection::connect(ORACLE_USER,ORACLE_PASS, ORACLE_CON_STR){
        Ok(c) => c,
        Err(e) => {
            error!("unable to open connection to server: {}", e);
            return None;
        }
    };
    let mut stmt = match conn.statement("select * from student where net_id = :1").build(){
        Ok(s) => s,
        Err(e) => {
            error!("unable to build statement: {}", e);
            return None;
        }
    };

    let row = stmt.query_row_as::<(String, String, String, String, String)>(&[&username]).unwrap_or_default();
    
    let true_pword = row.3;
    let salt = row.4;

    let mut hasher = Sha256::new();
    hasher.update(password);
    hasher.update(salt);
    let hash = hasher.finalize();

    let mut tmp: String = String::new();
    for value in hash{
        tmp += &format!("{:x}", value); 
    }
    
    conn.close().unwrap_or_default();


    if true_pword.eq(&tmp) {
        info!("User {} successfully authenticated", username);
        Some( User { id: row.0, first_name: row.1,last_name: row.2} )
    }
    else{
        warn!("User {} failed authentication", username);
        None
    }

}




fn create_user(username: &str, password: &str, first_name: &str, last_name: &str) -> Result<(), Error> {

    info!("Creating user: {}", username); 
    let conn = Connection::connect(ORACLE_USER, ORACLE_PASS, ORACLE_CON_STR)?;
    let mut stmt = conn.statement("insert into student values(:net_id, :first_name, :last_name, :pswd, :salt)").build()?;

    let salt: String = rand::thread_rng().sample_iter(&Alphanumeric).take(SALT_LEN).map(char::from).collect();
    let mut hasher = Sha256::new();
    hasher.update(&password);
    hasher.update(&salt);
    let hash = hasher.finalize();
    
    let mut hash_string = String::new();

    for value in hash{
        hash_string += &format!("{:x}", value);
    }

    match stmt.execute_named(&[("net_id", &username), ("first_name", &first_name), ("last_name", &last_name), ("pswd", &hash_string), ("salt", &salt)]) {
        Ok(_) => {
            info!("User {} successfully created", username); 
            conn.commit()?;
        },
        Err(_) => {
            warn!("Failed to create user {}", username);
            conn.rollback()?;
        }
    };
    
    let mut new_table = conn.statement("create table :net_id ( item_id number(5), foreign key (item_id) references menu_item (id))").build()?;

    match new_table.execute_named(&[("net_id", &username)]) {
        Ok(_) => {
            info!("User {} week table created", username);
            conn.commit()?;
        },
        Err(_) => {
            warn!("Failed to create week table for {}", username);
            conn.rollback()?;
        }
    };

    conn.close()?;
    Ok(())

}