pub mod db;

use axum::{
    extract::Path, 
    routing::{get, post}, 
    Json, 
    Router
};
use axum_session_auth::AuthSession;
use axum_session_mongo::SessionMongoPool;
use crate::AppError;
use db::User;
use mongodb::{
    bson::{doc, oid::ObjectId}, Client
};

type AuthenticationSession = AuthSession<User, ObjectId, SessionMongoPool, Client>;

pub fn router() -> Router {
    Router::new()
        .nest("/:user_id", user_router())
        .route("/", 
            post(post_sign_up)
        )
}

fn user_router() -> Router {
    Router::new()
        .route("/sign-in",
            get(get_sign_in)
            .post(post_sign_in)
        )
        .route("/sign-out",
            post(post_sign_out))
        .route("/backup",
            post(post_backup)
        )
        .route("/restore",
            get(get_restore)
        )
}

pub async fn get_sign_in() {} //TODO: Get Salt

pub async fn post_sign_in(Path(user_id): Path<ObjectId>, auth: AuthenticationSession, body: String) -> Result<String, AppError> {
    let db = db::get_db_client().await?
        .database("dermy").collection::<User>("users");
        
    match db.find_one(doc!{ "_id": &user_id, "_auth._hash": body}, None).await? {
        Some(_user) => {
            auth.login_user(user_id);
            auth.remember_user(true);
            //TODO: Return API Key or Auth Key
        },
        None => {
            //TODO: Return or Redirect Unauthorized
        },
    };

    Ok(String::new())
}

pub async fn post_sign_up(Json(body): Json<User>) -> Result<(), AppError> {
    let db = db::get_db_client().await?
        .database("dermy").collection::<User>("users");
    let body = mongodb::bson::to_document(&body)?;
    
    match db.find_one(body, None).await? {
        Some(user) => {
                //TODO: Return or Redirect User Exists
        },
        None => {
                //TODO: Reutrn UsedId
        }
    }
    Ok(())
}


pub async fn post_sign_out(auth: AuthenticationSession) {
    match auth.is_authenticated() {
        true => auth.logout_user(),
        false => {
            //TODO: Redirect Not Logged in
        },
    }
}

pub async fn post_backup() {} //TODO: Backup

pub async fn get_restore() {} //TODO: Restore