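using System.Globalization;
using Authinator.Backend.Database;
using Authinator.Backend.Database.Tables;
using Authinator.Backend.Utils;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;

namespace Authinator.Pages;

/// <summary>
/// Password-reset page: the user reaches it through a link carrying their id and a
/// reset token in the route (<c>/.../{id}/{token}</c>). GET renders the form after the
/// token is validated; POST with <c>action=reset_password</c> sets the new password.
/// </summary>
public class UserResetModel : PageModel
{
    /// <summary>Minimum accepted password length; the value the original check used.</summary>
    private const int MinPasswordLength = 8;

    /// <summary>The user whose password is being reset; set only after the token validated on GET.</summary>
    public User? ModelUser;

    /// <summary>
    /// Validates the id/token pair from the route and renders the reset form.
    /// </summary>
    /// <returns>
    /// The page on success; 400 when the id is not an integer or the user is unknown /
    /// has not completed signup; 403 when the reset token does not validate.
    /// </returns>
    public IActionResult OnGet()
    {
        // NOTE(review): DatabaseContext is constructed per request and never disposed;
        // if it derives from EF Core's DbContext it should be `using var` — confirm.
        var db = new DatabaseContext();

        var failure = LoadUserForReset(db, out var user);
        if (failure is not null)
        {
            return failure;
        }

        ModelUser = user;
        return Page();
    }

    /// <summary>
    /// Handles the form post. Only <c>action=reset_password</c> is acted on; any other
    /// action redirects to <c>/</c>.
    /// </summary>
    /// <returns>
    /// Redirect to <c>/User</c> after a successful reset; 400 for a bad id, unknown user or
    /// a password shorter than <see cref="MinPasswordLength"/>; 403 for a bad token.
    /// </returns>
    public async Task<IActionResult> OnPost()
    {
        // Original declared `async Task` while returning IActionResult values, which does
        // not compile; Task<IActionResult> is the handler signature Razor Pages expects.
        if (Request.Form["action"] != "reset_password")
        {
            return Redirect("/");
        }

        // NOTE(review): same undisposed-context question as in OnGet.
        var db = new DatabaseContext();

        var failure = LoadUserForReset(db, out var user);
        if (failure is not null || user is null)
        {
            return failure ?? BadRequest();
        }

        string? password = Request.Form["password"];
        if (string.IsNullOrWhiteSpace(password) || password.Length < MinPasswordLength)
        {
            return BadRequest(); //TODO "password too short" error message
        }

        user.SetPassword(password);
        // Presumably bumps a per-user version so previously issued sessions/tokens stop
        // validating — confirm against User.ValidateResetToken and the cookie logic.
        user.Iteration++;
        await db.SaveChangesAsync();

        // Drop the current session cookie so the browser re-authenticates with the new password.
        Response.Cookies.Delete(ConfigCache.CookieName);
        return Redirect("/User");
    }

    /// <summary>
    /// Shared lookup for both handlers: parses the <c>id</c> route value, loads the user and
    /// checks the <c>token</c> route value against it.
    /// </summary>
    /// <param name="db">Context to query users from.</param>
    /// <param name="user">The validated user, or <c>null</c> when a failure result is returned.</param>
    /// <returns>
    /// <c>null</c> when the user was loaded and the token validated; otherwise the error
    /// result to return (400 for an unparsable id, unknown user or incomplete signup, 403
    /// for a token that fails <c>User.ValidateResetToken</c>).
    /// </returns>
    private IActionResult? LoadUserForReset(DatabaseContext db, out User? user)
    {
        user = null;

        var rawId = RouteData.Values["id"]?.ToString() ?? string.Empty;
        var token = RouteData.Values["token"]?.ToString() ?? string.Empty;

        // TryParse with the invariant culture: a non-numeric id is a client error (400),
        // not an unhandled FormatException (500) as int.Parse produced.
        if (!int.TryParse(rawId, NumberStyles.Integer, CultureInfo.InvariantCulture, out var id))
        {
            return BadRequest();
        }

        var candidate = db.Users.FirstOrDefault(p => p.Id == id);
        if (candidate is not { IsSignupComplete: true })
        {
            return BadRequest();
        }

        // ValidateResetToken is opaque here; the expectation is that it compares in
        // constant time and enforces expiry — verify in the User entity.
        if (!candidate.ValidateResetToken(token))
        {
            return StatusCode(StatusCodes.Status403Forbidden);
        }

        user = candidate;
        return null;
    }
}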