/*
 * Copyright (c) 2021 NIBIO <http://www.nibio.no/>. 
 * 
 * This file is part of VIPSLogic.
 * VIPSLogic is free software: you can redistribute it and/or modify
 * it under the terms of the NIBIO Open Source License as published by 
 * NIBIO, either version 1 of the License, or (at your option) any
 * later version.
 * 
 * VIPSLogic is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * NIBIO Open Source License for more details.
 * 
 * You should have received a copy of the NIBIO Open Source License
 * along with VIPSLogic.  If not, see <http://www.nibio.no/licenses/>.
 * 
 */
package no.nibio.vips.logic.service;

import java.util.HashMap;
import java.util.Map;
import java.util.UUID;

import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;


import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.webcohesion.enunciate.metadata.Facet;
import com.webcohesion.enunciate.metadata.rs.TypeHint;

import no.nibio.vips.logic.entity.UserUuid;
import no.nibio.vips.logic.entity.VipsLogicUser;
import no.nibio.vips.logic.util.SessionControllerGetter;

/**
 * Authentication services
 * @copyright 2021 <a href="http://www.nibio.no/">NIBIO</a>
 * @author Tor-Einar Skog <tor-einar.skog@nibio.no>
 */
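@Path("rest/auth")
public class AuthenticationService {

	/** Shared mapper, used here only to create the JSON result nodes. */
	private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

	@Context
	private HttpServletRequest httpServletRequest;

	/**
	 * Authenticates a user from a JSON credentials object and, on success,
	 * creates and persists a UUID that identifies the user in later requests.
	 *
	 * Example input
	 * <pre>
	 * {
	 *   "username": "foo",
	 *   "password": "bar"
	 * }
	 * </pre>
	 *
	 * @param credentials JSON object holding the "username" and "password" properties
	 * @return 201 with {"success": true, "UUID": ...} when authentication succeeds,
	 *         404 with {"success": false} when it fails, and 400 with
	 *         {"success": false} when the body is missing or lacks either property
	 * @responseExample application/json {"success":true, "UUID": "01bce95b-0004-4567-a4a2-3c184954fc15"}
	 * @responseExample application/json {"success":false}
	 */
	@POST
	@Path("login")
	@Consumes(MediaType.APPLICATION_JSON)
	@Produces(MediaType.APPLICATION_JSON)
	public Response login(JsonNode credentials) {
		ObjectNode result = OBJECT_MAPPER.createObjectNode();

		// The request body is untrusted: an empty body, a non-object body or a
		// missing/null property would otherwise end in a NullPointerException
		// and a 500 response instead of a clean rejection.
		if (credentials == null
				|| !credentials.hasNonNull("username")
				|| !credentials.hasNonNull("password")) {
			result.put("success", false);
			return Response.status(Status.BAD_REQUEST).entity(result).build();
		}

		Map<String, String> creds = new HashMap<>();
		creds.put("username", credentials.get("username").asText());
		creds.put("password", credentials.get("password").asText());

		// NOTE(review): no throttling or lockout of repeated failed attempts is
		// visible in this class; confirm it is enforced in the user bean or in
		// front of this endpoint.
		VipsLogicUser user = SessionControllerGetter.getUserBean().authenticateUser(creds);
		if (user == null) {
			// 404 rather than 401 is kept because existing clients rely on it.
			result.put("success", false);
			return Response.status(Status.NOT_FOUND).entity(result).build();
		}

		// The UUID is what the "uuid" endpoint later accepts in the
		// Authorization header, so it must be handled like a credential.
		UserUuid uuid = SessionControllerGetter.getUserBean().createAndPersistUserUuid(user);
		result.put("success", true);
		result.put("UUID", uuid.getUserUuidPK().getUserUuid().toString());
		return Response.status(Status.CREATED).entity(result).build();
	}

	/**
	 * Looks up the user that owns the UUID sent as the value of the
	 * Authorization header, and renews that UUID when the user is found.
	 *
	 * @return The VIPSLogic user associated with this uuid, or 404 if the header
	 *         is missing, is not a valid UUID, or matches no user
	 */
	@GET
	@Path("uuid")
	@Produces(MediaType.APPLICATION_JSON)
	@TypeHint(VipsLogicUser.class)
	public Response getUserByUuidInAuthorizationHeader()
	{
		String uuidStr = httpServletRequest.getHeader(HttpHeaders.AUTHORIZATION);
		if (uuidStr == null) {
			// No header at all: answer like an unknown UUID instead of failing.
			return Response.status(Status.NOT_FOUND).build();
		}

		UUID uuid;
		try {
			uuid = UUID.fromString(uuidStr);
		} catch (IllegalArgumentException malformed) {
			// The header is attacker-controlled; a malformed value gets the same
			// answer as an unknown UUID, not an unhandled exception.
			return Response.status(Status.NOT_FOUND).build();
		}

		VipsLogicUser user = SessionControllerGetter.getUserBean().findVipsLogicUser(uuid);
		if (user == null) {
			return Response.status(Status.NOT_FOUND).build();
		}

		// Also, renew the uuid by default length
		SessionControllerGetter.getUserBean().renewUserUuid(uuid);
		// NOTE(review): the whole VipsLogicUser entity is serialized to the
		// client; confirm that credential fields are excluded from its JSON form.
		return Response.ok().entity(user).build();
	}
}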