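package authz

import (
	"crypto/rand"
	"encoding/csv"
	"encoding/hex"
	"fmt"
	"log/slog"
	"os"

	"golang.org/x/crypto/bcrypt"
)

// NewTokenMap returns an empty, non-nil TokenMap that is ready to be filled
// by LoadTokensFromFile.
func NewTokenMap() TokenMap {
	return TokenMap{}
}

// TokenMap maps an account name to the second column of the token CSV,
// which is expected to be a bcrypt hash such as the one GenerateNewToken
// returns. Nothing in this file validates that the value is a well-formed
// hash.
type TokenMap map[string]string

// LoadTokensFromFile reads the CSV file at path and stores one entry per
// record in tm, using the first field as the account name and the second
// as the hash. Fields beyond the second are ignored.
//
// Every record is checked before tm is modified, so a malformed file leaves
// the map untouched. When the same account appears more than once, the last
// record wins.
//
// It returns the error from opening or parsing the file, or an error naming
// the first record that has fewer than two fields.
func (tm TokenMap) LoadTokensFromFile(path string) error {
	// TODO this should be configurable
	f, err := os.Open(path)
	if err != nil {
		// slog takes key/value pairs after the message; a bare err would be
		// logged under a "!BADKEY" attribute.
		slog.Error("File reading error", "path", path, "error", err)
		return err
	}
	defer f.Close()

	records, err := csv.NewReader(f).ReadAll()
	if err != nil {
		slog.Error("File reading error", "path", path, "error", err)
		return err
	}

	// encoding/csv only enforces that all records match the width of the
	// first one, so a single-column file parses cleanly. Reject short records
	// here instead of panicking on the index below.
	for i, rec := range records {
		if len(rec) < 2 {
			return fmt.Errorf("token file %q: record %d has %d field(s), want account and hash", path, i+1, len(rec))
		}
	}

	for _, rec := range records {
		tm[rec[0]] = rec[1]
	}
	return nil
}

// GenerateNewToken creates a random 28-byte token and returns, in order, the
// token as a 56-character lowercase hex string, the bcrypt hash of the token,
// and any error from the random source or from bcrypt.
//
// The hash is computed over the raw 28 bytes, not over the hex string, so a
// verifier has to hex-decode a presented token before comparing it against
// the stored hash. The plaintext token is only available from this return
// value; callers should hand it to the account owner and keep only the hash.
func GenerateNewToken() (string, string, error) {
	// 28 bytes is well below bcrypt's 72-byte input limit.
	const tokenLen = 28

	// Fill the buffer straight from the CSPRNG. Drawing each byte with
	// rand.Int(rand.Reader, big.NewInt(255)) yields values in [0, 255), so
	// 0xFF could never occur and every byte carried slightly less entropy.
	tokenBytes := make([]byte, tokenLen)
	if _, err := rand.Read(tokenBytes); err != nil {
		return "", "", err
	}

	hashBytes, err := bcrypt.GenerateFromPassword(tokenBytes, bcrypt.DefaultCost)
	if err != nil {
		return "", "", err
	}

	return hex.EncodeToString(tokenBytes), string(hashBytes), nil
}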