package api

import (
	"encoding/json"
	"fmt"
	"log"
	"net/http"
	"strconv"

	authdiscord "example.com/auth/discord"
	configserver "example.com/config/server"
	character "example.com/database/character"
	customization "example.com/database/customization"
	function "example.com/database/function"
	functionset "example.com/database/functionset"
	functiontag "example.com/database/functiontag"
	group "example.com/database/group"
	inventoryslot "example.com/database/inventoryslot"
	item "example.com/database/item"
	itemtag "example.com/database/itemtag"
	person "example.com/database/person"
	role "example.com/database/role"
	schematic "example.com/database/schematic"
	tier "example.com/database/tier"
	user "example.com/database/user"

	"github.com/gin-gonic/gin"
	"github.com/xyproto/randomstring"
	"golang.org/x/oauth2"
	"gorm.io/gorm"
)

var GlobalDatabase *gorm.DB
var GlobalConfig configserver.AppConfig
var GlobalOAuth *oauth2.Config

// Private Functions

func objectIDStringsToInts(context *gin.Context, objectIDs []string) *[]int {
	var objectIDInts []int
	for _, objectID := range objectIDs {
		objectIDInt, err := strconv.Atoi(objectID)
		if err != nil {
			objectIDInts = append(objectIDInts, objectIDInt)
		} else {
			context.AbortWithStatus(http.StatusBadRequest)
		}
	}
	return &objectIDInts
}

// Authentication Workflow

func AuthCallback(context *gin.Context) {
	oauthState := randomstring.CookieFriendlyString(32)
	context.Set("state", oauthState)
	var err error
	oauthToken, err := GlobalOAuth.Exchange(context.Request.Context(), context.Query("code"))
	if err != nil {
		context.Redirect(http.StatusInternalServerError, GlobalConfig.GetFrontendRootDomain())
	}
	oauthTokenJSON, _ := json.Marshal(oauthToken)
	context.SetCookie("discord-oauthtoken", string(oauthTokenJSON), 0, "", GlobalConfig.API.Domain, false, false)
	context.Set("discord-oauthtoken", string(oauthTokenJSON))
	CreateOrUpdateUser(context)
	context.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%sdashboard", GlobalConfig.GetFrontendRootDomain()))
}

func AuthLoginRedirect(context *gin.Context) {
	context.Redirect(302, GlobalOAuth.AuthCodeURL(context.GetString("state")))
}

func AuthLogoutRedirect(context *gin.Context) {
	oauthTokenJSON, err := context.Cookie("discord-oauthtoken")
	if err == nil {
		user.Logout(GlobalDatabase, oauthTokenJSON)
		context.SetCookie("discord-oauthtoken", "", -1, "", GlobalConfig.API.Domain, false, true)
	} else {
		log.Println(err)
	}
	context.Redirect(http.StatusTemporaryRedirect, GlobalConfig.GetFrontendRootDomain())
}

func CreateOrUpdateUser(context *gin.Context) {
	oauthTokenJSON := context.GetString("discord-oauthtoken")
	err := error(nil)
	if oauthTokenJSON == "" {
		oauthTokenJSON, err = context.Cookie("discord-oauthtoken")
		if err != nil {
			log.Printf("This really shouldn't happen. %s", err)
			context.AbortWithStatus(http.StatusInternalServerError)
		}
	}
	var oauthToken *oauth2.Token
	err = json.Unmarshal([]byte(oauthTokenJSON), &oauthToken)
	if err != nil {
		log.Println(err)
		context.AbortWithStatus(http.StatusBadRequest)
	}
	var currentDiscordUser authdiscord.DiscordUser
	currentDiscordUser.GetDiscordUser(context, oauthToken, GlobalConfig, GlobalOAuth)
	updatedDatabaseUser := user.User{
		DisplayName:      currentDiscordUser.Global_Name,
		Username:         currentDiscordUser.Username,
		Id:               currentDiscordUser.Id,
		Avatar:           currentDiscordUser.Avatar,
		AvatarDecoration: currentDiscordUser.Avatar_Decoration_Data.Asset,
		LoginToken:       string(oauthTokenJSON),
		LoggedIn:         true,
		ApiKey:           nil,
	}
	if user.Exists(GlobalDatabase, currentDiscordUser.Id) {
		dbOAuthToken := user.GetTokenFromUserId(GlobalDatabase, currentDiscordUser.Id)
		if user.GetLoggedInFromDiscordId(GlobalDatabase, currentDiscordUser.Id) {
			context.SetCookie("discord-oauthtoken", dbOAuthToken, 0, "", GlobalConfig.API.Domain, false, false)
			updatedDatabaseUser.LoginToken = string(dbOAuthToken)
		} else {
			context.SetCookie("discord-oauthtoken", string(oauthTokenJSON), 0, "", GlobalConfig.API.Domain, false, false)
		}
		err := updatedDatabaseUser.Update(GlobalDatabase)
		if err != nil {
			log.Println(err)
			context.AbortWithStatus(http.StatusInternalServerError)
		}
	} else {
		err := updatedDatabaseUser.Create(GlobalDatabase)
		if err != nil {
			log.Println(err)
			context.Copy().AbortWithStatus(http.StatusInternalServerError)
		}
	}
}

// Create Endpoints (post/)

func CreateGroup(context *gin.Context) {
	GetUserLoggedIn(context)
	isAuthorized := context.GetBool("is-authorized")
	if isAuthorized {
		name, nameOk := context.GetQuery("name")
		if nameOk {
			group.Create(GlobalDatabase, name)
			context.Status(http.StatusOK)
		} else {
			context.AbortWithStatus(http.StatusBadRequest)
		}
	} else {
		context.AbortWithStatus(http.StatusUnauthorized)
	}
}

func CreateFunction(context *gin.Context) {
	GetUserLoggedIn(context)
	isAuthorized := context.GetBool("is-authorized")
	if isAuthorized {
		name, nameOk := context.GetQuery("name")
		tags := context.QueryArray("tags")
		requirements := context.QueryArray("requirements")
		if nameOk {
			function.Create(GlobalDatabase, name, tags, requirements)
			context.Status(http.StatusOK)
		} else {
			context.AbortWithStatus(http.StatusBadRequest)
		}
	} else {
		context.AbortWithStatus(http.StatusUnauthorized)
	}
}

func CreateFunctionTag(context *gin.Context) {
	GetUserLoggedIn(context)
	isAuthorized := context.GetBool("is-authorized")
	if isAuthorized {
		name := context.Query("name")
		if name != "" {
			functiontag.Create(GlobalDatabase, name)
			context.Status(http.StatusOK)
		} else {
			context.AbortWithStatus(http.StatusBadRequest)
		}
	} else {
		context.AbortWithStatus(http.StatusUnauthorized)
	}
}

// Update Endpoints (put/)

func UpdateFunction(context *gin.Context) {
	GetUserLoggedIn(context)
	isAuthorized := context.GetBool("is-authorized")
	if isAuthorized {
		name, nameOk := context.GetQuery("name")
		tags := context.QueryArray("tags")
		requirements := context.QueryArray("requirements")
		if nameOk {
			function.Update(GlobalDatabase, name, tags, requirements)
			context.Status(http.StatusOK)
		} else {
			context.AbortWithStatus(http.StatusBadRequest)
		}
	} else {
		context.AbortWithStatus(http.StatusUnauthorized)
	}
}

// Read Endpoints (get/)

func GetDiscordUser(context *gin.Context) {
	oauthTokenJSON, err := context.Cookie("discord-oauthtoken")
	if err == nil {
		var oauthToken *oauth2.Token
		err := json.Unmarshal([]byte(oauthTokenJSON), &oauthToken)
		if err == nil {
			if oauthToken.Valid() {
				var discordUser authdiscord.DiscordUser
				discordUser.GetDiscordUser(context, oauthToken, GlobalConfig, GlobalOAuth)
				if user.GetLoggedInFromDiscordId(GlobalDatabase, discordUser.Id) {
					context.JSON(http.StatusOK, discordUser)
				} else {
					context.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%slogout", GlobalConfig.GetAPIRootDomain()))
				}
				return
			} else {
				log.Println(err)
				context.AbortWithStatus(http.StatusBadRequest)
			}
		} else {
			log.Println(err)
			context.AbortWithStatus(http.StatusBadRequest)
		}
	} else {
		log.Println(err)
		context.AbortWithStatus(http.StatusBadRequest)
	}
	context.Redirect(http.StatusTemporaryRedirect, GlobalConfig.GetFrontendRootDomain())
}

func GetUserLoggedIn(context *gin.Context) {
	oauthTokenJSON, err := context.Cookie("discord-oauthtoken")
	if err == nil {
		var oauthToken *oauth2.Token
		err := json.Unmarshal([]byte(oauthTokenJSON), &oauthToken)
		if err == nil {
			if oauthToken.Valid() {
				if user.GetLoggedInFromOAuthToken(GlobalDatabase, oauthTokenJSON) {
					context.JSON(http.StatusOK, gin.H{
						"message": true,
					})
					context.Set("is-authorized", true)
					return
				}
			}
		}
	}
	context.JSON(http.StatusUnauthorized, gin.H{
		"message": false,
	})
	context.Set("is-authorized", false)
}

func GetObjects(context *gin.Context) {
	objectIDs, idOk := context.GetQueryArray("id")
	if idOk {
		switch objectType := context.Param("object"); objectType {
		case "persons":
			context.JSON(http.StatusOK, gin.H{
				"persons": person.Get(GlobalDatabase, objectIDs),
			})
		case "groups":
			context.JSON(http.StatusOK, gin.H{
				"groups": group.Get(GlobalDatabase, objectIDs),
			})
		case "characters":
			context.JSON(http.StatusOK, gin.H{
				"characters": character.Get(GlobalDatabase, objectIDs),
			})
		case "roles":
			context.JSON(http.StatusOK, gin.H{
				"roles": role.Get(GlobalDatabase, objectIDs),
			})
		case "tiers":
			objectIDInts := objectIDStringsToInts(context, objectIDs)
			context.JSON(http.StatusOK, gin.H{
				"tiers": tier.Get(GlobalDatabase, *objectIDInts),
			})
		case "function-sets":
			objectIDInts := objectIDStringsToInts(context, objectIDs)
			context.JSON(http.StatusOK, gin.H{
				"function_sets": functionset.Get(GlobalDatabase, *objectIDInts),
			})
		case "functions":
			context.JSON(http.StatusOK, gin.H{
				"functions": function.Get(GlobalDatabase, objectIDs),
			})
		case "function-tags":
			context.JSON(http.StatusOK, gin.H{
				"function_tags": functiontag.Get(GlobalDatabase, objectIDs),
			})
		case "inventory-slot":
			objectIDInts := objectIDStringsToInts(context, objectIDs)
			context.JSON(http.StatusOK, gin.H{
				"inventory_slot": inventoryslot.Get(GlobalDatabase, *objectIDInts),
			})
		case "items":
			context.JSON(http.StatusOK, gin.H{
				"items": item.Get(GlobalDatabase, objectIDs),
			})
		case "item-tags":
			context.JSON(http.StatusOK, gin.H{
				"item_tags": itemtag.Get(GlobalDatabase, objectIDs),
			})
		case "customizations":
			context.JSON(http.StatusOK, gin.H{
				"customizations": customization.Get(GlobalDatabase, objectIDs),
			})
		case "schematics":
			objectIDInts := objectIDStringsToInts(context, objectIDs)
			context.JSON(http.StatusOK, gin.H{
				"schematics": schematic.Get(GlobalDatabase, *objectIDInts),
			})
		}
	} else {
		context.Status(http.StatusBadRequest)
	}
}

func GetAllObjects(context *gin.Context) {
	switch objectType := context.Param("object"); objectType {
	case "persons":
		context.JSON(http.StatusOK, gin.H{
			"persons": person.GetAll(GlobalDatabase),
		})
	case "groups":
		context.JSON(http.StatusOK, gin.H{
			"groups": group.GetAll(GlobalDatabase),
		})
	case "characters":
		context.JSON(http.StatusOK, gin.H{
			"characters": character.GetAll(GlobalDatabase),
		})
	case "roles":
		context.JSON(http.StatusOK, gin.H{
			"roles": role.GetAll(GlobalDatabase),
		})
	case "tiers":
		context.JSON(http.StatusOK, gin.H{
			"tiers": tier.GetAll(GlobalDatabase),
		})
	case "function-sets":
		context.JSON(http.StatusOK, gin.H{
			"function_sets": functionset.GetAll(GlobalDatabase),
		})
	case "functions":
		context.JSON(http.StatusOK, gin.H{
			"functions": function.GetAll(GlobalDatabase),
		})
	case "function-tags":
		context.JSON(http.StatusOK, gin.H{
			"function_tags": functiontag.GetAll(GlobalDatabase),
		})
	case "inventory-slot":
		context.JSON(http.StatusOK, gin.H{
			"inventory_slot": inventoryslot.GetAll(GlobalDatabase),
		})
	case "items":
		context.JSON(http.StatusOK, gin.H{
			"items": item.GetAll(GlobalDatabase),
		})
	case "item-tags":
		context.JSON(http.StatusOK, gin.H{
			"item_tags": itemtag.GetAll(GlobalDatabase),
		})
	case "customizations":
		context.JSON(http.StatusOK, gin.H{
			"customizations": customization.GetAll(GlobalDatabase),
		})
	case "schematics":
		context.JSON(http.StatusOK, gin.H{
			"schematics": schematic.GetAll(GlobalDatabase),
		})
	}
}

// Delete Endpoints (delete/)

func DeleteFunction(context *gin.Context) {
	GetUserLoggedIn(context)
	isAuthorized := context.GetBool("is-authorized")
	if isAuthorized {
		functionNames, ok := context.GetQueryArray("name")
		if ok {
			function.Delete(GlobalDatabase, functionNames)
			context.Status(http.StatusOK)
		} else {
			context.AbortWithStatus(http.StatusBadRequest)
		}
	} else {
		context.AbortWithStatus(http.StatusUnauthorized)
	}
}