package com.izouma.immall.web;

import com.izouma.immall.domain.User;
import com.izouma.immall.exception.AuthenticationException;
import com.izouma.immall.security.JwtTokenUtil;
import com.izouma.immall.security.JwtUserDetailsService;
import com.izouma.immall.security.JwtUserFactory;
import com.izouma.immall.service.UserService;
import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Objects;

@Slf4j
@AllArgsConstructor
@RestController
@RequestMapping("/auth")
public class AuthenticationController {
    private AuthenticationManager authenticationManager;
    private JwtTokenUtil          jwtTokenUtil;
    private JwtUserDetailsService userDetailsService;
    private UserService           userService;

    @PostMapping("/login")
    public String loginByUserPwd(String username, String password, Integer expiration) {
        try {
            authenticate(username, password);
            final UserDetails userDetails = userDetailsService.loadUserByUsername(username);
            return jwtTokenUtil.generateToken(userDetails);
        } catch (Exception e) {
            log.error("loginByUserPwd", e);
            throw new AuthenticationException("用户名或密码错误", e);
        }
    }

    @PostMapping("/phoneLogin")
    @ApiOperation(value = "手机号登录")
    public String phoneLogin(String phone) {
        try {
            User user = userService.loginByPhone(phone);
            return jwtTokenUtil.generateToken(JwtUserFactory.create(user));
        } catch (Exception e) {
            log.error("loginByPhone", e);
            throw new AuthenticationException("登陆错误", e);
        }
    }

    @PostMapping("/mpLogin")
    @ApiOperation(value = "公众号登录")
    public String mpLogin(String code) {
        try {
            User user = userService.loginMp(code);
            return jwtTokenUtil.generateToken(JwtUserFactory.create(user));
        } catch (Exception e) {
            log.error("loginByCode", e);
            throw new AuthenticationException("登陆错误", e);
        }
    }

    @PostMapping("/maLogin")
    @ApiOperation(value = "小程序登录")
    public String maLogin(String code) {
        try {
            User user = userService.loginMa(code);
            return jwtTokenUtil.generateToken(JwtUserFactory.create(user));
        } catch (Exception e) {
            log.error("loginByCode", e);
            throw new AuthenticationException("登陆错误", e);
        }
    }

    /**
     * Authenticates the user. If something is wrong, an {@link AuthenticationException} will be thrown
     */
    private void authenticate(String username, String password) {
        Objects.requireNonNull(username);
        Objects.requireNonNull(password);
        try {
            authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
        } catch (DisabledException e) {
            throw new AuthenticationException("User is disabled!", e);
        } catch (BadCredentialsException e) {
            throw new AuthenticationException("Bad credentials!", e);
        }
    }
}