package api

import (
	"code.gitea.io/sdk/gitea"
	"context"
	"encoding/json"
	"git.lumeweb.com/LumeWeb/gitea-github-proxy/config"
	"github.com/gorilla/mux"
	"go.uber.org/zap"
	"io"
	"net/http"
	"strings"
)

const AUTHED_CONTEXT_KEY = "authed"
const REDIRECT_AFTER_AUTH = "redirect-after-auth"
const WEBHOOK_CONTEXT_KEY = "webhook"

const AuthCookieName = "auth-token"

func findAuthToken(r *http.Request) string {
	authHeader := parseAuthTokenHeader(r.Header)

	if authHeader != "" {
		return authHeader
	}

	cookie := getCookie(r, AuthCookieName)
	if cookie != "" {
		return cookie
	}

	return r.FormValue(AuthCookieName)
}

func giteaOauthVerifyMiddleware(cfg *config.Config) mux.MiddlewareFunc {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			token := findAuthToken(r)
			if token == "" {
				addAuthStatusToRequestServ(false, r, w, next)
				return
			}

			client, err := getClient(ClientParams{
				Config:    cfg,
				AuthToken: token,
			})

			if err != nil {
				http.Error(w, err.Error(), http.StatusInternalServerError)
				return
			}

			_, _, err = client.AdminListUsers(gitea.AdminListUsersOptions{})
			if err != nil {
				addAuthStatusToRequestServ(false, r, w, next)
				return
			}

			addAuthStatusToRequestServ(true, r, w, next)
		})
	}
}

func storeWebhookDataMiddleware(logger *zap.Logger) mux.MiddlewareFunc {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			var webhook map[string]interface{}
			body, err := io.ReadAll(r.Body)
			if err != nil {
				logger.Error("Failed to read request body", zap.Error(err))
				w.WriteHeader(http.StatusInternalServerError)
				return
			}

			err = json.Unmarshal(body, &webhook)
			if err != nil {
				logger.Error("Failed to unmarshal webhook", zap.Error(err))
				w.WriteHeader(http.StatusInternalServerError)
				return
			}

			if len(webhook) == 0 {
				logger.Error("Webhook data is empty")
				w.WriteHeader(http.StatusBadRequest)
				return
			}

			ctx := context.WithValue(r.Context(), WEBHOOK_CONTEXT_KEY, body)
			r = r.WithContext(ctx)

			r.Body = io.NopCloser(strings.NewReader(string(body)))

			next.ServeHTTP(w, r)
		})
	}
}

func requireAuthMiddleware(cfg *config.Config) mux.MiddlewareFunc {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			status := getAuthedStatusFromRequest(r)

			if !status {
				setCookie(w, REDIRECT_AFTER_AUTH, cfg.Domain, r.Referer(), 0, http.SameSiteLaxMode)
				http.Redirect(w, r, "/setup", http.StatusFound)
				return
			}

			next.ServeHTTP(w, r)
		})
	}
}
func loggingMiddleware(logger *zap.Logger) mux.MiddlewareFunc {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			// Do stuff here
			logger.Debug("Request", zap.String("method", r.Method), zap.String("url", r.RequestURI))
			// Call the next handler, which can be another middleware in the chain, or the final handler.
			next.ServeHTTP(w, r)
		})
	}
}
func addAuthStatusToRequestServ(status bool, r *http.Request, w http.ResponseWriter, next http.Handler) {
	ctx := context.WithValue(r.Context(), AUTHED_CONTEXT_KEY, status)
	r = r.WithContext(ctx)

	next.ServeHTTP(w, r)
}

func parseAuthTokenHeader(headers http.Header) string {
	authHeader := headers.Get("Authorization")
	if authHeader == "" {
		return ""
	}

	authHeader = strings.TrimPrefix(authHeader, "Bearer ")

	return authHeader
}

func getAuthedStatusFromRequest(r *http.Request) bool {
	authed, ok := r.Context().Value(AUTHED_CONTEXT_KEY).(bool)
	if !ok {
		return false
	}

	return authed
}