use actix_identity::config::LogoutBehaviour;
use actix_identity::IdentityMiddleware;
use actix_remote_ip::RemoteIPConfig;
use actix_session::storage::CookieSessionStore;
use actix_session::SessionMiddleware;
use actix_web::cookie::{Key, SameSite};
use actix_web::middleware::Logger;
use actix_web::web::Data;
use actix_web::{web, App, HttpServer};
use light_openid::basic_state_manager::BasicStateManager;
use remote_backend::app_config::AppConfig;
use remote_backend::controllers::auth_controller;
use remote_backend::middlewares::auth_middleware::AuthChecker;
use remote_backend::{constants, virtweb_client};
use std::time::Duration;

#[actix_web::main]
async fn main() -> std::io::Result<()> {
    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));

    let state_manager = Data::new(BasicStateManager::new());

    HttpServer::new(move || {
        let session_mw = SessionMiddleware::builder(
            CookieSessionStore::default(),
            Key::from(AppConfig::get().secret().as_bytes()),
        )
        .cookie_name(constants::SESSION_COOKIE_NAME.to_string())
        .cookie_secure(AppConfig::get().cookie_secure)
        .cookie_same_site(SameSite::Strict)
        .cookie_domain(AppConfig::get().cookie_domain())
        .cookie_http_only(true)
        .build();

        let identity_middleware = IdentityMiddleware::builder()
            .logout_behaviour(LogoutBehaviour::PurgeSession)
            .visit_deadline(Some(Duration::from_secs(
                constants::MAX_INACTIVITY_DURATION,
            )))
            .login_deadline(Some(Duration::from_secs(constants::MAX_SESSION_DURATION)))
            .build();

        App::new()
            .wrap(Logger::default())
            .wrap(AuthChecker)
            .wrap(identity_middleware)
            .wrap(session_mw)
            .app_data(state_manager.clone())
            .app_data(Data::new(RemoteIPConfig {
                proxy: AppConfig::get().proxy_ip.clone(),
            }))
            .route(
                "/api/auth/start_oidc",
                web::get().to(auth_controller::start_oidc),
            )
            .route(
                "/api/auth/finish_oidc",
                web::post().to(auth_controller::finish_oidc),
            )
            .route(
                "/api/auth/user",
                web::get().to(auth_controller::current_user),
            )
            .route(
                "/api/auth/sign_out",
                web::get().to(auth_controller::sign_out),
            )
    })
    .bind(&AppConfig::get().listen_address)?
    .run()
    .await
}