package system

import (
	"encoding/json"
	"net/http"
	"strings"

	"management/internal/db/model/dto"
	"management/internal/erpserver/biz"
	"management/internal/erpserver/model/req"
	"management/internal/global/know"
	"management/internal/pkg/session"
	"management/internal/pkg/tpl"

	"github.com/zhang2092/browser"
)

// UserHandler is the set of HTTP handlers for user management, plus the
// authentication handlers embedded from UserExpansion.
type UserHandler interface {
	Add(w http.ResponseWriter, r *http.Request)
	Edit(w http.ResponseWriter, r *http.Request)
	Save(w http.ResponseWriter, r *http.Request)
	List(w http.ResponseWriter, r *http.Request)

	UserExpansion
}

// UserExpansion groups the authentication handlers (sign-in and sign-out).
type UserExpansion interface {
	Login(w http.ResponseWriter, r *http.Request)
	Logout(w http.ResponseWriter, r *http.Request)
}

// userHandler is the implementation of the UserHandler interface.
type userHandler struct {
	render  tpl.Renderer
	session session.ISession
	biz     biz.IBiz
}

// Compile-time check that userHandler implements UserHandler.
var _ UserHandler = (*userHandler)(nil)

// NewUserHandler builds a userHandler from its renderer, session manager and
// business-layer facade.
func NewUserHandler(render tpl.Renderer, session session.ISession, biz biz.IBiz) *userHandler {
	h := new(userHandler)
	h.render = render
	h.session = session
	h.biz = biz
	return h
}

// Add is an empty handler: it writes nothing, so net/http answers with an
// empty 200 response.
func (h *userHandler) Add(w http.ResponseWriter, r *http.Request) {}

// Edit is an empty handler: it writes nothing, so net/http answers with an
// empty 200 response.
func (h *userHandler) Edit(w http.ResponseWriter, r *http.Request) {}

// Save is an empty handler: it writes nothing, so net/http answers with an
// empty 200 response.
func (h *userHandler) Save(w http.ResponseWriter, r *http.Request) {}

// List is an empty handler: it writes nothing, so net/http answers with an
// empty 200 response.
func (h *userHandler) List(w http.ResponseWriter, r *http.Request) {}

// Login serves the sign-in page on GET and processes submitted credentials on
// POST. Every other method is answered with 405 Method Not Allowed.
func (h *userHandler) Login(w http.ResponseWriter, r *http.Request) {
	switch r.Method {
	case http.MethodGet:
		h.showLoginPage(w, r)
	case http.MethodPost:
		h.submitLogin(w, r)
	default:
		http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
	}
}

// showLoginPage handles GET on the login route. When the session already holds
// a value under know.StoreName that decodes as dto.AuthorizeUser, the session
// token is renewed, the value is stored again and the client is redirected to
// /home.html. Otherwise the session is destroyed and the login template is
// rendered.
func (h *userHandler) showLoginPage(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	stored := h.session.GetBytes(ctx, know.StoreName)

	// NOTE(review): the original comment here described a tenant-consistency
	// check, but no field of the decoded user is inspected; any stored value
	// that decodes successfully is treated as an authenticated session.
	// Confirm whether a tenant comparison is still required.
	var current dto.AuthorizeUser
	if json.Unmarshal(stored, &current) == nil && h.session.RenewToken(ctx) == nil {
		h.session.Put(ctx, know.StoreName, stored)
		http.Redirect(w, r, "/home.html", http.StatusFound)
		return
	}

	// No usable session (or the token could not be renewed): start clean.
	h.session.Destroy(ctx)
	h.render.HTML(w, r, "oauth/login.tmpl", nil)
}

// submitLogin handles POST on the login route: it collects the form fields and
// request metadata, rejects empty fields, verifies the captcha, records the
// client platform and browser, and delegates authentication to UserBiz.Login.
// Every outcome is reported as JSON.
func (h *userHandler) submitLogin(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()

	// The password is whitespace-trimmed like the other fields.
	// NOTE(review): confirm account creation normalizes passwords the same way.
	//
	// Ip is r.RemoteAddr, i.e. the direct peer's "host:port"; behind a reverse
	// proxy that is the proxy's address. Referrer and (below) User-Agent are
	// client-supplied, so treat them as untrusted wherever they are stored or
	// displayed.
	form := &req.Login{
		Email:     strings.TrimSpace(r.PostFormValue("email")),
		Password:  strings.TrimSpace(r.PostFormValue("password")),
		CaptchaID: strings.TrimSpace(r.PostFormValue("captcha_id")),
		Captcha:   strings.TrimSpace(r.PostFormValue("captcha")),
		Ip:        r.RemoteAddr,
		Referrer:  r.Header.Get("Referer"),
		Url:       r.URL.RequestURI(),
	}

	// Required fields, checked in order; the first empty one ends the request.
	required := []struct {
		value string
		msg   string
	}{
		{form.Email, "请填写邮箱"},
		{form.Password, "请填写密码"},
		{form.Captcha, "请填写验证码"},
	}
	for _, field := range required {
		if field.value == "" {
			h.render.JSON(w, tpl.Response{Success: false, Message: field.msg})
			return
		}
	}

	// The captcha is verified before any credential check is attempted.
	// NOTE(review): the third argument presumably clears the captcha after one
	// use; confirm against CaptchaBiz.Verify.
	captchaOK := h.biz.CommonV1().CaptchaBiz().Verify(form.CaptchaID, form.Captcha, true)
	if !captchaOK {
		h.render.JSON(w, tpl.Response{Success: false, Message: "验证码错误"})
		return
	}

	agent, err := browser.NewBrowser(r.Header.Get("User-Agent"))
	if err != nil {
		h.render.JSONERR(w, "平台信息获取错误")
		return
	}
	form.Os = agent.Platform().Name()
	form.Browser = agent.Name()

	// NOTE(review): the business-layer error text is returned to the client
	// verbatim. Confirm UserBiz.Login only yields messages that are safe to
	// show (no storage-layer detail, no account-existence hints).
	// NOTE(review): this handler does not touch the session itself; presumably
	// UserBiz.Login stores the user and renews the session token. Confirm, so
	// a pre-login session identifier is not carried over.
	if err := h.biz.SystemV1().UserBiz().Login(ctx, form); err != nil {
		h.render.JSONERR(w, err.Error())
		return
	}

	h.render.JSONOK(w, "login successful")
}

// Logout destroys the current session and redirects to the site root.
//
// NOTE(review): no HTTP method check is performed, so a plain GET (including
// one triggered from another site) ends the session. Consider whether this
// route should be limited to POST with CSRF protection.
func (h *userHandler) Logout(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	h.session.Destroy(ctx)
	http.Redirect(w, r, "/", http.StatusFound)
}