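package com.pollex.pam.web.rest;

import static com.pollex.pam.business.aop.logging.audit.AuditLoggingType.CONSULTANT_LOGIN;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.pollex.pam.business.aop.logging.audit.AuditLoggingInject;
import com.pollex.pam.business.security.token.EServiceAuthenticationToken;
import com.pollex.pam.business.service.ConsultantService;
import com.pollex.pam.business.service.util.AesUtil;
import com.pollex.pam.business.web.errors.OtpLoginFailException;
import com.pollex.pam.business.web.vm.EServiceLoginVM;
import com.pollex.pam.security.jwt.JWTFilter;
import com.pollex.pam.security.jwt.TokenProvider;

/**
 * Login endpoint for the eService (consultant) channel.
 *
 * <p>Flow: decode the submitted password, compare the image captcha kept in the HTTP session with
 * the one supplied in the path, authenticate through Spring Security, record the login time and
 * hand back a JWT both in the response body and in the {@code Authorization} header.
 */
@RestController
@RequestMapping("/api/eService")
public class EServiceResource {

    private static final Logger log = LoggerFactory.getLogger(EServiceResource.class);

    /** Session attribute holding the expected captcha value; it is written by another component. */
    private static final String IMG_CODE_SESSION_KEY = "img_code";

    @Autowired
    AuthenticationManagerBuilder authenticationManagerBuilder;

    @Autowired
    TokenProvider tokenProvider;

    @Autowired
    ConsultantService consultantService;

    /**
     * Authenticates a consultant and issues a JWT.
     *
     * @param eServiceLoginVM username plus the AES-encoded password sent by the client
     * @param response unused; retained so the handler signature stays unchanged
     * @param request gives access to the HTTP session that carries the captcha
     * @param imgCode captcha value entered by the user, taken from the path
     * @return {@code 200 OK} with the token in the body and an {@code Authorization: Bearer <jwt>} header
     * @throws OtpLoginFailException if the password cannot be decoded, no captcha is present on
     *     either side, or the captcha does not match
     */
    @AuditLoggingInject(type = CONSULTANT_LOGIN)
    @PostMapping("/authenticate/{imgCode}")
    public ResponseEntity<UserJWTController.JWTToken> authorize(
            @RequestBody EServiceLoginVM eServiceLoginVM,
            HttpServletResponse response,
            HttpServletRequest request,
            @PathVariable String imgCode) {
        // The client ships the password AES-encoded; AesUtil's key handling lives outside this class.
        String password = AesUtil.aesDecode(eServiceLoginVM.getPassword());
        if (!StringUtils.hasText(password)) {
            throw new OtpLoginFailException("密碼解密失敗");
        }

        HttpSession session = request.getSession();
        String expectedImgCode = (String) session.getAttribute(IMG_CODE_SESSION_KEY);
        // A missing captcha on either side is reported with the same message as a mismatch, so the
        // caller cannot tell "no captcha issued" apart from "wrong captcha".
        if (!StringUtils.hasText(expectedImgCode)
                || !StringUtils.hasText(imgCode)
                || !imgCode.equals(expectedImgCode)) {
            throw new OtpLoginFailException("驗證碼輸入錯誤");
        }
        // The captcha is single-use: discard it before the credential check so a retry needs a new one.
        session.removeAttribute(IMG_CODE_SESSION_KEY);

        EServiceAuthenticationToken loginRequest =
            new EServiceAuthenticationToken(eServiceLoginVM.getUsername(), password);
        Authentication authentication = authenticationManagerBuilder.getObject().authenticate(loginRequest);
        consultantService.updateLoginTime(eServiceLoginVM.getUsername());

        // Store the authenticated result, not the pre-authentication request token: the request
        // token still carries the raw credential and has not been marked authenticated.
        SecurityContextHolder.getContext().setAuthentication(authentication);

        String jwt = tokenProvider.createToken(authentication, false);
        HttpHeaders httpHeaders = new HttpHeaders();
        // RFC 6750 Bearer credentials are "Bearer" SP token; without the space the header is unparseable.
        httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer " + jwt);
        return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
    }
}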