use actix_cors::Cors;
use actix_identity::config::LogoutBehaviour;
use actix_identity::IdentityMiddleware;
use actix_remote_ip::RemoteIPConfig;
use actix_session::storage::CookieSessionStore;
use actix_session::SessionMiddleware;
use actix_web::cookie::{Key, SameSite};
use actix_web::middleware::Logger;
use actix_web::web::Data;
use actix_web::{web, App, HttpServer};
use light_openid::basic_state_manager::BasicStateManager;
use remote_backend::app_config::AppConfig;
use remote_backend::constants;
use remote_backend::controllers::{auth_controller, server_controller, vm_controller};
use remote_backend::middlewares::auth_middleware::AuthChecker;
use std::time::Duration;

#[actix_web::main]
async fn main() -> std::io::Result<()> {
    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));

    let state_manager = Data::new(BasicStateManager::new());

    HttpServer::new(move || {
        let session_mw = SessionMiddleware::builder(
            CookieSessionStore::default(),
            Key::from(AppConfig::get().secret().as_bytes()),
        )
        .cookie_name(constants::SESSION_COOKIE_NAME.to_string())
        .cookie_secure(AppConfig::get().cookie_secure)
        .cookie_same_site(SameSite::Strict)
        .cookie_domain(AppConfig::get().cookie_domain())
        .cookie_http_only(true)
        .build();

        let identity_middleware = IdentityMiddleware::builder()
            .logout_behaviour(LogoutBehaviour::PurgeSession)
            .visit_deadline(Some(Duration::from_secs(
                constants::MAX_INACTIVITY_DURATION,
            )))
            .login_deadline(Some(Duration::from_secs(constants::MAX_SESSION_DURATION)))
            .build();

        let cors = Cors::default()
            .allowed_origin(&AppConfig::get().website_origin)
            .allowed_methods(vec!["GET", "POST", "PUT", "PATCH", "DELETE"])
            .allowed_header("X-Auth-Token")
            .allow_any_header()
            .supports_credentials()
            .max_age(3600);

        App::new()
            .wrap(Logger::default())
            .wrap(AuthChecker)
            .wrap(identity_middleware)
            .wrap(session_mw)
            .wrap(cors)
            .app_data(state_manager.clone())
            .app_data(Data::new(RemoteIPConfig {
                proxy: AppConfig::get().proxy_ip.clone(),
            }))
            .route(
                "/api/server/config",
                web::get().to(server_controller::config),
            )
            .route(
                "/api/auth/start_oidc",
                web::get().to(auth_controller::start_oidc),
            )
            .route(
                "/api/auth/finish_oidc",
                web::post().to(auth_controller::finish_oidc),
            )
            .route(
                "/api/auth/user",
                web::get().to(auth_controller::current_user),
            )
            .route(
                "/api/auth/sign_out",
                web::get().to(auth_controller::sign_out),
            )
            .route("/api/vm/list", web::get().to(vm_controller::list))
            .route("/api/vm/{uid}/state", web::get().to(vm_controller::state))
            .route("/api/vm/{uid}/start", web::get().to(vm_controller::start))
            .route(
                "/api/vm/{uid}/shutdown",
                web::get().to(vm_controller::shutdown),
            )
            .route("/api/vm/{uid}/kill", web::get().to(vm_controller::kill))
            .route("/api/vm/{uid}/reset", web::get().to(vm_controller::reset))
            .route(
                "/api/vm/{uid}/suspend",
                web::get().to(vm_controller::suspend),
            )
            .route("/api/vm/{uid}/resume", web::get().to(vm_controller::resume))
            .route(
                "/api/vm/{uid}/screenshot",
                web::get().to(vm_controller::screenshot),
            )
    })
    .bind(&AppConfig::get().listen_address)?
    .run()
    .await
}