package handler

import (
	_ "embed"
	"github.com/google/uuid"
	"github.com/loveuer/nf"
	"github.com/loveuer/nf/nft/resp"
	"net/http"
	"net/url"
	"time"
	"uauth/internal/store/cache"
)

var (
	//go:embed serve_login.html
	pageLogin string
)

func LoginPage(c *nf.Ctx) error {
	type Req struct {
		ClientId     string `query:"client_id" json:"client_id"`
		ClientSecret string `query:"client_secret" json:"client_secret"`
		Scope        string `query:"scope" json:"scope"`
		RedirectURI  string `query:"redirect_uri" json:"redirect_uri"`
	}

	var (
		err error
		req = new(Req)
	)

	if err = c.QueryParser(req); err != nil {
		return resp.Resp400(c, err.Error())
	}

	if req.ClientId == "" || req.ClientSecret == "" || req.RedirectURI == "" {
		return resp.Resp400(c, req)
	}

	// todo: 验证 client id, client secret, scoop

	// todo: 如果用户是已登录状态，则直接带上信息返回到 authorize 页面

	state := uuid.New().String()[:8]
	if err = cache.Client.SetEx(c.Context(), cache.Prefix+"state_code:"+state, nil, 10*time.Minute); err != nil {
		return resp.Resp500(c, err.Error())
	}

	return c.RenderHTML("login", pageLogin, map[string]interface{}{
		"client_id":     req.ClientId,
		"client_secret": req.ClientSecret,
		"redirect_uri":  req.RedirectURI,
		"scope":         req.Scope,
		"state":         state,
	})
}

func LoginAction(c *nf.Ctx) error {
	type Req struct {
		Username     string `form:"username"`
		Password     string `form:"password"`
		ClientId     string `form:"client_id"`
		ClientSecret string `form:"client_secret"`
		RedirectURI  string `form:"redirect_uri"`
		Scope        string `form:"scope"`
	}

	var (
		err error
		req = new(Req)
	)

	if err = c.BodyParser(req); err != nil {
		return resp.Resp400(c, err.Error())
	}

	// todo: 验证用户登录是否成功，等等

	queries := make(url.Values)
	queries.Add("client_id", req.ClientId)
	queries.Add("client_secret", req.ClientSecret)
	queries.Add("redirect_uri", req.RedirectURI)
	queries.Add("scope", req.Scope)

	return c.Redirect("/api/oauth/v2/authorize?"+queries.Encode(), http.StatusFound)
}