use actix_web::http::{header, StatusCode};
use actix_web::{post, put, web, HttpResponse, ResponseError, Scope};
use exun::RawUnexpected;
use raise::yeet;
use serde::Deserialize;
use sqlx::MySqlPool;
use thiserror::Error;
use uuid::Uuid;

use crate::models::User;
use crate::services::crypto::PasswordHash;
use crate::services::{db, id};

#[derive(Clone, Deserialize)]
struct UserRequest {
	username: Box<str>,
	password: Box<str>,
}

#[derive(Debug, Clone, Hash, Error)]
#[error("An account with the given username already exists.")]
struct UsernameTakenError {
	username: Box<str>,
}

impl ResponseError for UsernameTakenError {
	fn status_code(&self) -> StatusCode {
		StatusCode::CONFLICT
	}
}

#[post("/")]
async fn create_user(
	body: web::Json<UserRequest>,
	conn: web::Data<MySqlPool>,
) -> Result<HttpResponse, UsernameTakenError> {
	let conn = conn.get_ref();

	let user_id = id::new_user_id(conn).await.unwrap();
	let username = body.username.clone();
	let password = PasswordHash::new(&body.password).unwrap();

	if db::username_is_used(conn, &body.username).await.unwrap() {
		yeet!(UsernameTakenError { username });
	}

	let user = User {
		user_id,
		username,
		password,
	};

	db::new_user(conn, &user).await.unwrap();

	let response = HttpResponse::Created()
		.insert_header((header::LOCATION, format!("users/{user_id}")))
		.finish();
	Ok(response)
}

#[put("/{user_id}")]
async fn update_user(
	user_id: web::Path<Uuid>,
	body: web::Json<UserRequest>,
	conn: web::Data<MySqlPool>,
) -> Result<HttpResponse, UsernameTakenError> {
	let conn = conn.get_ref();

	let user_id = user_id.to_owned();
	let username = body.username.clone();
	let password = PasswordHash::new(&body.password).unwrap();

	let old_username = db::get_username(conn, user_id).await.unwrap().unwrap();
	if username != old_username && db::username_is_used(conn, &body.username).await.unwrap() {
		yeet!(UsernameTakenError { username })
	}

	let user = User {
		user_id,
		username,
		password,
	};

	db::update_user(conn, &user).await.unwrap();

	let response = HttpResponse::NoContent()
		.insert_header((header::LOCATION, format!("users/{user_id}")))
		.finish();

	Ok(response)
}

#[put("/{user_id}/username")]
async fn update_username(
	user_id: web::Path<Uuid>,
	body: web::Json<Box<str>>,
	conn: web::Data<MySqlPool>,
) -> Result<HttpResponse, UsernameTakenError> {
	let conn = conn.get_ref();

	let user_id = user_id.to_owned();
	let username = body.clone();

	let old_username = db::get_username(conn, user_id).await.unwrap().unwrap();
	if username != old_username && db::username_is_used(conn, &body).await.unwrap() {
		yeet!(UsernameTakenError { username })
	}

	db::update_username(conn, user_id, &body).await.unwrap();

	let response = HttpResponse::NoContent()
		.insert_header((header::LOCATION, format!("users/{user_id}/username")))
		.finish();

	Ok(response)
}

#[put("/{user_id}/password")]
async fn update_password(
	user_id: web::Path<Uuid>,
	body: web::Json<Box<str>>,
	conn: web::Data<MySqlPool>,
) -> HttpResponse {
	let conn = conn.get_ref();

	let user_id = user_id.to_owned();
	let password = PasswordHash::new(&body).unwrap();

	db::update_password(conn, user_id, &password).await.unwrap();

	let response = HttpResponse::NoContent()
		.insert_header((header::LOCATION, format!("users/{user_id}/password")))
		.finish();

	response
}

pub fn service() -> Scope {
	web::scope("/users")
		.service(create_user)
		.service(update_user)
}