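const { Controller } = require('libflitter')

/**
 * Controller for the JSON authentication endpoints: a username pre-check and
 * a credential login handled by the 'flitter' auth provider.
 */
class AuthController extends Controller {
    /**
     * Services requested for this controller: whatever the parent class
     * requests, plus 'models' and 'auth'.
     * @returns {string[]}
     */
    static get services() {
        return [...super.services, 'models', 'auth']
    }

    /**
     * Report whether the submitted username maps to a user that may log in.
     *
     * Request Params:
     *   - username
     *
     * Always answers through `res.api({ is_valid })`; `is_valid` is true only
     * when a user with that uid exists and its `can_login` is truthy.
     *
     * NOTE(review): the response tells the caller whether an account exists.
     * If this route is reachable without authentication, confirm that it is
     * rate-limited upstream; nothing in this handler limits lookups.
     */
    async validate_username(req, res, next) {
        const username = req.body.username

        // Accept only a non-empty string. The value comes straight from the
        // request body and is used as a query filter below; a parsed body can
        // carry an object or array here, which a document-store ORM may
        // interpret as a query operator instead of a literal uid.
        let is_valid = typeof username === 'string' && username.length > 0

        if ( is_valid ) {
            const User = this.models.get('auth:User')
            const user = await User.findOne({ uid: username })
            if ( !user || !user.can_login ) is_valid = false
        }

        return res.api({ is_valid })
    }

    // TODO XSRF Token
    // NOTE(review): this handler performs no anti-CSRF check itself, and it
    // can create a session. Confirm whether a middleware covers the route.
    /**
     * Attempt a login with the 'flitter' provider.
     *
     * Request Params:
     *   - username
     *   - password
     *   - [create_session = false]
     *
     * Responses:
     *   - 400 with `{ errors }` when the provider's validate_login() returns a
     *     non-empty list.
     *   - 200 with `{ message, success: false }` when login() yields no user.
     *   - `{ success: true, session_created, next }` otherwise.
     */
    async attempt(req, res, next) {
        const flitter = this.auth.get_provider('flitter')

        const errors = await flitter.validate_login(req.body)
        if ( errors && errors.length > 0 ) {
            return res.status(400)
                .message(`Unable to complete authentication: one or more errors occurred`)
                .api({ errors })
        }

        const login_args = await flitter.get_login_args(req.body)
        const user = await flitter.login.apply(flitter, login_args)

        if ( !user ) {
            // The same message is returned whichever credential was wrong.
            return res.status(200)
                .message(`Invalid username or password.`)
                .api({
                    message: `Invalid username or password.`,
                    success: false,
                })
        }

        // NOTE(review): confirm that the provider's session() issues a fresh
        // session identifier on login (session-fixation defence); that is not
        // visible from this file.
        if ( req.body.create_session ) await flitter.session(req, user)

        // NOTE(review): 'configs' is not in this class's services list, so it
        // presumably arrives through super.services. Confirm.
        let destination = this.configs.get('auth.default_login_route')

        // A pending auth flow stored on the session overrides the default
        // route and is cleared so it applies once.
        // NOTE(review): the client receives this value as `next`; confirm that
        // whatever stores session.auth.flow restricts it to local paths.
        if ( req?.session?.auth?.flow ) {
            destination = req.session.auth.flow
            req.session.auth.flow = false
        }

        return res.api({
            success: true,
            session_created: !!req.body.create_session,
            next: destination,
        })
    }
}

module.exports = exports = AuthController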