package com.pollex.pam.security.provider;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

import com.pollex.pam.domain.Customer;
import com.pollex.pam.domain.OtpTmp;
import com.pollex.pam.enums.OtpTmpStatusEnum;
import com.pollex.pam.repository.CustomerRepository;
import com.pollex.pam.security.token.OtpAuthenticationToken;
import com.pollex.pam.service.CustomerAuthService;
import com.pollex.pam.service.OtpTmpService;
import com.pollex.pam.service.OtpUtilService;
import com.pollex.pam.web.rest.vm.OtpAccount;

@Component
public class OtpAuthenticationProvider {

    private static final Logger log = LoggerFactory.getLogger(OtpAuthenticationProvider.class);

    @Autowired
    CustomerAuthService customerAuthService;
    
    @Autowired
    CustomerRepository customerRepository;
    
    @Autowired
    OtpTmpService otpTmpService;
    
    @Autowired
    OtpUtilService otpUtilService;

    public Authentication authenticate(OtpAuthenticationToken otpAuthenticationToken) throws AuthenticationException {
        OtpAccount otpAccount = otpAuthenticationToken.getPrincipal();
        String account = otpAccount.getAccount();
        String indexKey = otpAccount.getIndexKey();
        String otpCode = otpAuthenticationToken.getCredentials();

        otpUtilService.verifyOtp(indexKey, otpCode);
        
    	setVerrifiedOtpTmp(account, indexKey);
    	
    	Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account)
    						.orElse(null);
    	
    	if (customer == null) {
    		throw new AuthenticationCredentialsNotFoundException("");
    	}
    	
    	return customerAuthService.buildCustomerAuthToken(customer, otpCode, indexKey);

    }

    private void setVerrifiedOtpTmp(String account, String indexKey) {
    	OtpTmp otpTmp = otpTmpService.findByAccountAndIndexKey(account, indexKey);
    	otpTmp.setStatus(OtpTmpStatusEnum.VERRIFIED);
    	otpTmpService.save(otpTmp);
	}

		
}