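package api

import (
	"context"
	"log"
	"net/http"

	"github.com/gin-gonic/gin"
	"github.com/matthewhartstonge/argon2"
	"tixe/db"
)

// PostInternalLoginDetails is the form payload accepted by PostInternalLogin.
type PostInternalLoginDetails struct {
	Username string `form:"username"`
	Password string `form:"password"`
}

// PostInternalLogin authenticates an internal user from a submitted login form.
//
// It binds the "username" and "password" form fields, loads the stored
// Argon2-encoded hash for that username and verifies the password against it.
// Every authentication failure (unknown user, verification error, wrong
// password) returns the same 401 body, so the response text does not tell the
// client which check failed. On success the client is redirected to "/".
//
// NOTE(review): nothing in this handler establishes an authenticated session
// (no cookie or token is set before the redirect). Presumably that happens
// elsewhere; confirm, otherwise a successful login has no lasting effect.
func PostInternalLogin(c *gin.Context) {
	userDetails := &PostInternalLoginDetails{}
	if err := c.Bind(userDetails); err != nil {
		log.Print("[tixe/api/iauth/login] Could not bind login details")
		c.String(http.StatusBadRequest, "could not bind login details")
		return
	}

	// Fetch the user. The username is passed as a bound parameter ($1), never
	// concatenated into the SQL text.
	var (
		username     string
		passwordHash string
	)
	err := db.PgPool.QueryRow(
		context.Background(),
		"SELECT username, password FROM users WHERE username = $1",
		userDetails.Username,
	).Scan(&username, &passwordHash)
	if err != nil {
		// NOTE(review): this path returns before any Argon2 work, while a
		// known username goes through a full verification below. The
		// difference in response time can reveal whether a username exists.
		// Verifying against a fixed dummy hash here would equalise the two
		// paths.
		log.Printf("[tixe/api/iauth/login] WARN: Error querying internal user from database: %s", err.Error())
		c.String(http.StatusUnauthorized, "incorrect details")
		return
	}

	// Verify the submitted password against the stored encoded hash.
	ok, err := argon2.VerifyEncoded([]byte(userDetails.Password), []byte(passwordHash))
	if err != nil {
		log.Printf("[tixe/api/iauth/login] WARN: Error verifying internal user password: %s", err.Error())
		c.String(http.StatusUnauthorized, "incorrect details")
		return
	}
	if !ok {
		// Password did not match.
		c.String(http.StatusUnauthorized, "incorrect details")
		return
	}

	// Use 303 See Other so the client follows up with a GET. The previous 307
	// told the client to repeat the POST, form body included, which re-sent
	// the username and password to "/".
	c.Redirect(http.StatusSeeOther, "/")
}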