package logic

import (
	"fmt"
	"fusenapi/utils/basic"
	"fusenapi/utils/email"
	"fusenapi/utils/encryption_decryption"
	"strings"

	"context"

	"fusenapi/server/ldap-admin/internal/svc"
	"fusenapi/server/ldap-admin/internal/types"

	"github.com/zeromicro/go-zero/core/logx"
)

type LdapUserLoginLogic struct {
	logx.Logger
	ctx    context.Context
	svcCtx *svc.ServiceContext
}

func NewLdapUserLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LdapUserLoginLogic {
	return &LdapUserLoginLogic{
		Logger: logx.WithContext(ctx),
		ctx:    ctx,
		svcCtx: svcCtx,
	}
}

// 处理进入前逻辑w,r
// func (l *LdapUserLoginLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
// }

func (l *LdapUserLoginLogic) LdapUserLogin(req *types.LdapUserLoginReq) (resp *basic.Response) {
	req.Email = strings.Trim(req.Email, " ")
	req.Password = strings.Trim(req.Password, " ")
	if !email.IsEmailValid(req.Email) {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "邮箱格式不正确")
	}
	userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
	//查询dn

	ldapUserInfo, err := l.svcCtx.Ldap.GetLdapUserInfo(userDN)
	if err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "获取用户信息失败,"+err.Error())
	}
	if ldapUserInfo.Status != 1 {
		return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限登录")
	}
	if len(ldapUserInfo.Password) <= 7 {
		return resp.SetStatusWithMessage(basic.CodeUnAuth, "该帐号密码异常")
	}
	//解密密码
	ldapPwd, err := encryption_decryption.CBCDecrypt(ldapUserInfo.Password[7:])
	if err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "验证密码出错了!")
	}
	//比较密码
	if ldapPwd != req.Password {
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "密码错误!")
	}
	//生成token
	token, err := l.svcCtx.Ldap.GenJwtToken(ldapUserInfo.UserId, l.svcCtx.Config.Auth.AccessExpire, ldapUserInfo.UserDN, l.svcCtx.Config.Auth.AccessSecret)
	if err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "生成登录凭证失败")
	}
	return resp.SetStatusWithMessage(basic.CodeOK, "success", types.LdapUserLoginRsp{
		Token: token,
	})
}

// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
// func (l *LdapUserLoginLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
// // httpx.OkJsonCtx(r.Context(), w, resp)
// }