package webutility

import (
	"net/http"
	"encoding/json"
	"fmt"
)

const templateHttpErr500_EN = "An internal server error has occurred."
const templateHttpErr500_RS = "Došlo je do greške na serveru."
const templateHttpErr400_EN = "Bad request: invalid request body."
const templateHttpErr400_RS = "Neispravan zahtev."
const templateHttpErr401_EN = "Unauthorized request."
const templateHttpErr401_RS = "Neautorizovan zahtev."

type httpError struct {
	Error   []HttpErrorDesc `json:"error"`
	Request string          `json:"request"`
}

type HttpErrorDesc struct {
	Lang string `json:"lang"`
	Desc string `json:"description"`
}

// ErrorResponse writes HTTP error to w.
func ErrorResponse(w http.ResponseWriter, r *http.Request, code int, desc []HttpErrorDesc) {
	err := httpError{ desc, r.Method + " " + r.URL.Path }
	w.WriteHeader(code)
	json.NewEncoder(w).Encode(err)
}

// BadRequestResponse writes HTTP error 400 to w.
func BadRequestResponse(w http.ResponseWriter, req *http.Request) {
	ErrorResponse(w, req, http.StatusBadRequest, []HttpErrorDesc{
		{ "en", templateHttpErr400_EN },
		{ "rs", templateHttpErr400_RS },
	})
}

// InternalSeverErrorResponse writes HTTP error 500 to w.
func InternalServerErrorResponse(w http.ResponseWriter, req *http.Request) {
	ErrorResponse(w, req, http.StatusInternalServerError, []HttpErrorDesc{
		{ "en", templateHttpErr500_EN },
		{ "rs", templateHttpErr500_RS },
	})
}

// UnauthorizedError writes HTTP error 401 to w.
func UnauthorizedResponse(w http.ResponseWriter, req *http.Request) {
	ErrorResponse(w, req, http.StatusUnauthorized, []HttpErrorDesc{
		{ "en", templateHttpErr401_EN },
		{ "rs", templateHttpErr401_RS },
	})
}

// TODO: Check for content type
// WrapHandler sets common headers, checks for token validity and performs access control checks.
// If authentication passes it calls the handlerFunc.
func WrapHandler(handlerFunc http.HandlerFunc, authorizedRoles []string) http.HandlerFunc {
	return func(w http.ResponseWriter, req *http.Request) {
		w.Header().Set("Access-Control-Allow-Origin", "*")

		w.Header().Set("Access-Control-Allow-Methods",
			"POST, GET, PUT, DELETE, OPTIONS")

		w.Header().Set("Access-Control-Allow-Headers",
			`Accept, Content-Type, Content-Length,
			Accept-Encoding, X-CSRF-Token, Authorization`)

		w.Header().Set("Content-Type", "application/json; charset=utf-8")

		if req.Method == "OPTIONS" {
			return
		}

		if authorizedRoles != nil {
			token := req.Header.Get("Authorization")
			claims, err := ParseAPIToken(token);
			if err != nil || !roleAuthorized(authorizedRoles, claims) {
				fmt.Printf("not authorized %s %s...\n", claims.Username, claims.Role)
				UnauthorizedResponse(w, req)
				return
			}
		}

		err := req.ParseForm()
		if err != nil {
			BadRequestResponse(w, req)
			return
		}

		// execute HandlerFunc
		handlerFunc(w, req)
	}
}

// NotFoundHandler writes HTTP error 404 to w.
func NotFoundHandler(w http.ResponseWriter, req *http.Request) {
	ErrorResponse(w, req, http.StatusNotFound, []HttpErrorDesc{
		{ "en", "Not found." },
		{ "rs", "Traženi resurs ne postoji." },
	})
}