package auth

import (
	"encoding/json"
	jwtLib "github.com/dgrijalva/jwt-go"
	"github.com/dgrijalva/jwt-go/request"
	"github.com/gin-gonic/gin"
	"net/http"
	"strings"
	"time"
)

type jwtAuthManager struct {
	secret string
	expire time.Duration
	alg    string
}

func NewJwtAuthDriver() *jwtAuthManager {
	return &jwtAuthManager{
		secret: TokenKey,
		expire: time.Hour * 8,
		alg:    "HS256",
	}
}

func (jwtAuth *jwtAuthManager) Check(c *gin.Context) bool {
	token := c.Request.Header.Get("Authorization")
	b := "Bearer "
	if !strings.Contains(token, b) {
		return false
	}
	t := strings.Split(token, b)
	if len(t) < 2 {
		return false
	}
	var keyFunc = func(token *jwtLib.Token) (interface{}, error) {
		b := []byte(jwtAuth.secret)
		return b, nil
	}
	authJwtToken, err := request.ParseFromRequest(c.Request, request.OAuth2Extractor, keyFunc)
	if err != nil {
		return false
	}

	c.Set("User", map[string]interface{}{
		"token": authJwtToken,
	})

	return authJwtToken.Valid
}

func (jwtAuth *jwtAuthManager) User(c *gin.Context) map[string]interface{} {
	var jwtToken *jwtLib.Token
	if jwtUser, exist := c.Get("User"); !exist {
		tokenStr := strings.Replace(c.Request.Header.Get("Authorization"), "Bearer ", "", -1)
		if tokenStr == "" {
			return nil
		}
		var err error
		jwtToken, err = jwtLib.Parse(tokenStr, func(token *jwtLib.Token) (interface{}, error) {
			b := []byte(jwtAuth.secret)
			return b, nil
		})
		if err != nil {
			return nil
		}
	} else {
		jwtToken = jwtUser.(map[string]interface{})["token"].(*jwtLib.Token)
	}
	if claims, ok := jwtToken.Claims.(jwtLib.MapClaims); ok && jwtToken.Valid {
		var user map[string]interface{}
		if err := json.Unmarshal([]byte(claims["user"].(string)), &user); err != nil {
			return nil
		}
		c.Set("User", map[string]interface{}{
			"token": jwtToken,
			"user":  user,
		})
		return user
	} else {
		return nil
	}
}

func (jwtAuth *jwtAuthManager) Login(http *http.Request, w http.ResponseWriter, user map[string]interface{}) interface{} {

	token := jwtLib.New(jwtLib.GetSigningMethod(jwtAuth.alg))

	userStr, err := json.Marshal(user)
	token.Claims = jwtLib.MapClaims{
		"user": string(userStr),
		"exp":  time.Now().Add(jwtAuth.expire).Unix(),
	}

	tokenString, err := token.SignedString([]byte(jwtAuth.secret))
	if err != nil {
		return nil
	}

	return tokenString
}

func (jwtAuth *jwtAuthManager) Logout(http *http.Request, w http.ResponseWriter) bool {

	return true
}