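use actix::Actor;
use actix_identity::{CookieIdentityPolicy, IdentityService};
use actix_web::middleware::Logger;
use actix_web::{get, web, App, HttpServer};
use clap::Parser;

use basic_oidc::actors::users_actor::UsersActor;
use basic_oidc::constants::{DEFAULT_ADMIN_PASSWORD, DEFAULT_ADMIN_USERNAME};
use basic_oidc::controllers::assets_controller::assets_route;
use basic_oidc::controllers::login_controller::{login_route, logout_route};
use basic_oidc::data::app_config::AppConfig;
use basic_oidc::data::entity_manager::EntityManager;
use basic_oidc::data::user::{hash_password, User};

/// Health probe: always answers with the static string `Running`.
///
/// The handler performs no authentication check and reads no application state.
#[get("/health")]
async fn health() -> &'static str {
    "Running"
}

/// Parses the configuration, prepares the user store and runs the HTTP server.
///
/// Steps, in order:
/// 1. initialise logging (default filter `info`) and parse [`AppConfig`];
/// 2. validate the cookie key and the storage path;
/// 3. open (or create) the users file and seed a default administrator when it is empty;
/// 4. start the users actor and serve the routes on `config.listen_address`.
///
/// # Errors
///
/// Returns an error when the token key is too short, when the storage path does not
/// exist, or when binding / running the server fails.
///
/// # Panics
///
/// Panics when the users file cannot be loaded, when the default password cannot be
/// hashed, or when the initial user cannot be stored.
#[actix_web::main]
async fn main() -> std::io::Result<()> {
    // Smallest key, in bytes, accepted for the identity cookie. The cookie policy
    // derives its key from this material and is expected to panic on shorter input,
    // so the length is checked here to fail with a readable message instead.
    const MIN_TOKEN_KEY_LEN: usize = 32;

    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));

    let mut config: AppConfig = AppConfig::parse();

    // In debug mode only, use dummy token.
    // The dummy value is 32 space characters (byte 0x20): it is fully predictable, so
    // cookies protected by it can be forged. `cfg!(debug_assertions)` keeps this
    // fallback out of release builds.
    if cfg!(debug_assertions) && config.token_key.is_empty() {
        config.token_key = String::from_utf8_lossy(&[32; 32]).to_string();
    }

    // Refuse to start with a missing or too short key. Only the required length is
    // logged, never the key itself.
    if config.token_key.len() < MIN_TOKEN_KEY_LEN {
        log::error!(
            "Token key is too short: at least {} bytes are required!",
            MIN_TOKEN_KEY_LEN
        );
        return Err(std::io::Error::new(
            std::io::ErrorKind::InvalidInput,
            "token key is too short",
        ));
    }

    if !config.storage_path().exists() {
        log::error!(
            "Specified storage path {:?} does not exists!",
            config.storage_path()
        );
        // Report the failure through the return value rather than a bare `panic!()`.
        return Err(std::io::Error::new(
            std::io::ErrorKind::NotFound,
            "storage path does not exist",
        ));
    }

    let mut users = EntityManager::<User>::open_or_create(config.users_file())
        .expect("Failed to load users list!");

    // Create initial user if required.
    // The account is seeded with the default credentials from `constants`, so it is
    // only as safe as the forced reset: `need_reset_password` is set here, and the
    // login flow (not visible in this file) is presumably what enforces it.
    if users.is_empty() {
        log::info!("Create default {} user", DEFAULT_ADMIN_USERNAME);
        let default_admin = User {
            username: DEFAULT_ADMIN_USERNAME.to_string(),
            password: hash_password(DEFAULT_ADMIN_PASSWORD)
                .expect("Failed to hash default admin password!"),
            need_reset_password: true,
            authorized_services: None,
            admin: true,
            ..Default::default()
        };

        users
            .insert(default_admin)
            .expect("Failed to create initial user!");
    }

    let users_actor = UsersActor::new(users).start();

    log::info!("Server will listen on {}", config.listen_address);

    HttpServer::new(move || {
        // The `Secure` attribute follows the configuration; it should be enabled
        // whenever the service is reached over HTTPS so the session cookie never
        // travels in clear text.
        // NOTE(review): no SameSite attribute is set here, so the library default
        // applies, and `/logout` below is reachable with GET. Consider setting
        // SameSite explicitly.
        let policy = CookieIdentityPolicy::new(config.token_key.as_bytes())
            .name("auth-cookie")
            .secure(config.secure_auth_cookie);

        App::new()
            .app_data(web::Data::new(users_actor.clone()))
            .wrap(Logger::default())
            .wrap(IdentityService::new(policy))
            // /health route
            .service(health)
            // Assets serving
            .route("/assets/{path:.*}", web::get().to(assets_route))
            // Login page
            .route("/login", web::get().to(login_route))
            .route("/login", web::post().to(login_route))
            // Logout page
            .route("/logout", web::get().to(logout_route))
    })
    .bind(config.listen_address)?
    .run()
    .await
}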