'use strict';

let passport = require('../lib/passport');
let express = require('express');
let router = new express.Router();
let users = require('../lib/models/users');

router.get('/logout', (req, res) => passport.logout(req, res));

router.post('/login', passport.parseForm, (req, res, next) => passport.login(req, res, next));
router.get('/login', (req, res) => {
    res.render('users/login', {
        next: req.query.next
    });
});

router.get('/forgot', passport.csrfProtection, (req, res) => {
    res.render('users/forgot', {
        csrfToken: req.csrfToken()
    });
});

router.post('/forgot', passport.parseForm, passport.csrfProtection, (req, res) => {
    users.sendReset(req.body.username, err => {
        if (err) {
            req.flash('danger', err.message || err);
            return res.redirect('/users/forgot');
        } else {
            req.flash('success', 'An email with password reset instructions has been sent to your email address, if it exists on our system.');
        }
        return res.redirect('/users/login');
    });
});

router.get('/reset', passport.csrfProtection, (req, res) => {
    users.checkResetToken(req.query.username, req.query.token, (err, status) => {
        if (err) {
            req.flash('danger', err.message || err);
            return res.redirect('/users/login');
        }

        if (!status) {
            req.flash('danger', 'Unknown or expired reset token');
            return res.redirect('/users/login');
        }

        res.render('users/reset', {
            csrfToken: req.csrfToken(),
            username: req.query.username,
            resetToken: req.query.token
        });
    });
});

router.post('/reset', passport.parseForm, passport.csrfProtection, (req, res) => {
    users.resetPassword(req.body, (err, status) => {
        if (err) {
            req.flash('danger', err.message || err);
            return res.redirect('/users/reset?username=' + encodeURIComponent(req.body.username) + '&token=' + encodeURIComponent(req.body['reset-token']));
        } else if (!status) {
            req.flash('danger', 'Unknown or expired reset token');
        } else {
            req.flash('success', 'Your password has been changed successfully');
        }

        return res.redirect('/users/login');
    });
});

router.all('/account', (req, res, next) => {
    if (!req.user) {
        req.flash('danger', 'Need to be logged in to access restricted content');
        return res.redirect('/users/login?next=' + encodeURIComponent(req.originalUrl));
    }
    next();
});

router.get('/account', passport.csrfProtection, (req, res) => {
    let data = {
        csrfToken: req.csrfToken(),
        email: req.user.email
    };
    res.render('users/account', data);
});

router.post('/account', passport.parseForm, passport.csrfProtection, (req, res) => {
    users.update(Number(req.user.id), req.body, (err, success) => {
        if (err) {
            req.flash('danger', err.message || err);
        } else if (success) {
            req.flash('success', 'Account information updated');
        } else {
            req.flash('info', 'Account information not updated');
        }
        return res.redirect('/users/account');
    });
});

module.exports = router;