package main

import (
	"context"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"embed"
	"encoding/pem"
	"github.com/Kugelschieber/migo/api"
	"github.com/Kugelschieber/migo/db"
	"github.com/go-chi/chi/v5"
	"github.com/go-chi/chi/v5/middleware"
	"github.com/go-chi/cors"
	"github.com/go-chi/jwtauth/v5"
	"log"
	"net/http"
	"os"
	"os/signal"
	"path/filepath"
	"time"
)

var (
	//go:embed admin/dist/index.html
	index []byte

	//go:embed admin/dist/favicon.ico
	favicon []byte

	//go:embed admin/dist/assets
	assets embed.FS

	jwtAuth *jwtauth.JWTAuth
)

func init() {
	generateRSAKeys()

	/*jwtAuth = jwtauth.New("RS256", loadRSAPrivateKey(), loadRSAPublicKey())
	_, tokenString, err := jwtAuth.Encode(map[string]interface{}{"test": 42})*/
}

func generateRSAKeys() {
	err := os.Mkdir("secrets", 0755)

	if os.IsExist(err) {
		return
	} else if err != nil {
		log.Fatalf("Error creating secrets directory: %v", err)
	}

	key, err := rsa.GenerateKey(rand.Reader, 4096)

	if err != nil {
		log.Fatalf("Error generating RSA key: %v", err)
	}

	pub := key.Public()
	keyPEM := pem.EncodeToMemory(
		&pem.Block{
			Type:  "RSA PRIVATE KEY",
			Bytes: x509.MarshalPKCS1PrivateKey(key),
		},
	)
	pubPEM := pem.EncodeToMemory(
		&pem.Block{
			Type:  "RSA PUBLIC KEY",
			Bytes: x509.MarshalPKCS1PublicKey(pub.(*rsa.PublicKey)),
		},
	)

	if err := os.WriteFile("secrets/jwt.rsa", keyPEM, 0700); err != nil {
		log.Fatalf("Error writing private RSA key: %v", err)
	}

	if err := os.WriteFile("secrets/jwt.rsa.pub", pubPEM, 0755); err != nil {
		log.Fatalf("Error writing public RSA key: %v", err)
	}
}

func loadRSAPublicKey() *rsa.PublicKey {
	data, err := os.ReadFile("secrets/jwt.rsa.pub")

	if err != nil {
		log.Fatalf("Error loading RSA key: %v", err)
	}

	block, _ := pem.Decode(data)

	if block == nil {
		log.Fatalf("Error decoding RSA key: %v", err)
	}

	key, err := x509.ParsePKCS1PublicKey(block.Bytes)

	if err != nil {
		log.Fatalf("Error parsing RSA key: %v", err)
	}

	return key
}

func loadRSAPrivateKey() *rsa.PrivateKey {
	data, err := os.ReadFile("secrets/jwt.rsa")

	if err != nil {
		log.Fatalf("Error loading RSA key: %v", err)
	}

	block, _ := pem.Decode(data)

	if block == nil {
		log.Fatalf("Error decoding RSA key: %v", err)
	}

	key, err := x509.ParsePKCS1PrivateKey(block.Bytes)

	if err != nil {
		log.Fatalf("Error parsing RSA key: %v", err)
	}

	return key
}

func main() {
	if err := db.Init(); err != nil {
		log.Fatalf("Error initializing database: %v", err)
	}

	defer db.Close()
	dev := os.Getenv("MIGO_DEV") != ""
	router := chi.NewRouter()
	router.Use(middleware.Recoverer)
	router.Use(middleware.Compress(5))
	router.Use(cors.Handler(cors.Options{
		AllowedOrigins:   []string{"https://*", "http://*"},
		AllowedMethods:   []string{http.MethodGet, http.MethodPost, http.MethodPut, http.MethodDelete, http.MethodOptions},
		AllowedHeaders:   []string{"*"},
		AllowCredentials: true,
		MaxAge:           86400,
	}))
	router.Group(func(r chi.Router) {
		r.Use(jwtauth.Verifier(jwtAuth))
		r.Use(jwtauth.Authenticator)
		r.Route("/api/v1", func(r chi.Router) {
			r.Get("/debug", api.DebugHandler)
		})
	})
	router.Handle("/admin", http.RedirectHandler("/admin/", http.StatusFound))
	router.Route("/admin/", func(r chi.Router) {
		if dev {
			r.Handle("/assets/*", http.StripPrefix("/admin/assets/", http.FileServer(http.Dir("cmd/admin/dist/assets"))))
			r.Get("/favicon.ico", func(w http.ResponseWriter, r *http.Request) {
				http.ServeFile(w, r, "cmd/admin/dist/favicon.ico")
			})
			r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
				http.ServeFile(w, r, "cmd/admin/dist/index.html")
			})
		} else {
			fs := http.FileServer(http.FS(assets))
			r.Handle("/assets/*", http.StripPrefix("/admin/assets/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
				r.URL.Path = filepath.Join("admin/dist/assets", r.URL.Path)
				fs.ServeHTTP(w, r)
			})))
			r.Get("/favicon.ico", func(w http.ResponseWriter, r *http.Request) {
				w.Header().Set("Content-Type", "image/x-icon")

				if _, err := w.Write(favicon); err != nil {
					w.WriteHeader(http.StatusNotFound)
				}
			})
			r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
				w.Header().Set("Content-Type", "text/html")

				if _, err := w.Write(index); err != nil {
					w.WriteHeader(http.StatusNotFound)
				}
			})
		}
	})
	router.Get("/", func(w http.ResponseWriter, r *http.Request) {
		// TODO
		_, _ = w.Write([]byte("<h1>Hello World!</h1>"))
	})
	server := &http.Server{
		Handler:      router,
		Addr:         os.Getenv("MIGO_HOST"),
		WriteTimeout: 30 * time.Second,
		ReadTimeout:  30 * time.Second,
	}
	go func() {
		sigint := make(chan os.Signal, 1)
		signal.Notify(sigint, os.Interrupt)
		<-sigint
		log.Println("Shutting down server")
		ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)

		if err := server.Shutdown(ctx); err != nil {
			log.Printf("Error shutting down server gracefully: %v", err)
		}

		cancel()
	}()
	log.Println("Starting server")

	if err := server.ListenAndServe(); err != nil {
		log.Fatalf("Error starting server: %v", err)
	}
}