package com.dowstats.controllers

import com.dowstats.Metadata
import com.dowstats.service.user.SteamService
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.security.authentication.RememberMeAuthenticationToken
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.web.context.HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY
import org.springframework.web.bind.annotation.GetMapping
import org.springframework.web.bind.annotation.RequestMapping
import org.springframework.web.bind.annotation.RestController
import org.springframework.web.servlet.view.RedirectView
import jakarta.servlet.http.HttpServletRequest
import jakarta.servlet.http.HttpSession


@RestController
@RequestMapping("/login")
@EnableWebSecurity
class LoginController @Autowired constructor(
    val steamService: SteamService,
) {

    @GetMapping
    fun getLogin(req: HttpServletRequest): RedirectView {

        val steamId = req.parameterMap["openid.identity"]?.get(0)?.split("/")?.last()
        val user = steamService.updateUserBySteamId(steamId!!)

        // TODO: introspect user

        val authReq = RememberMeAuthenticationToken(steamId, user, listOf(SimpleGrantedAuthority(Metadata.USER_ROLE)))

        val sc = SecurityContextHolder.getContext()
        sc.authentication = authReq
        val session: HttpSession = req.getSession(true)
        session.setAttribute(SPRING_SECURITY_CONTEXT_KEY, sc)

        return RedirectView("http://localhost:3000")
    }
}