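use std::future::{ready, Ready};

use actix_web::{
    dev::Payload,
    error::{ErrorInternalServerError, ErrorUnauthorized},
    http,
    http::header::HeaderValue,
    web, Error as ActixWebError, FromRequest, HttpRequest,
};
use jsonwebtoken::{
    decode, errors::Error as JwtError, Algorithm, DecodingKey, TokenData, Validation,
};
use serde::{Deserialize, Serialize};

use crate::auth::Claims;
use crate::AppState;

/// Identity of an authenticated caller, produced by the [`FromRequest`] extractor below.
///
/// `id` is copied from the `id` claim of a JWT whose signature was verified against
/// the application secret held in `AppState`.
#[derive(Serialize, Deserialize, Debug)]
pub struct AuthenticationToken {
    pub id: usize,
}

impl FromRequest for AuthenticationToken {
    type Error = ActixWebError;
    type Future = Ready<Result<Self, Self::Error>>;

    /// Builds an [`AuthenticationToken`] from the request's `Authorization` header.
    ///
    /// The header value is used as the raw JWT; no `Bearer ` scheme prefix is stripped.
    ///
    /// # Errors
    ///
    /// * `401 Unauthorized` when the header is missing, empty, not valid header text,
    ///   or when the token fails verification.
    /// * `500 Internal Server Error` when `AppState` has not been registered as
    ///   application data (a server configuration fault, not a client fault).
    fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
        // The header comes from the client, so its absence must be a 401, never a panic.
        let auth_header: Option<&HeaderValue> = req.headers().get(http::header::AUTHORIZATION);

        // `to_str` rejects values that are not visible ASCII; those are treated like an
        // empty token and refused before any decoding is attempted.
        let auth_token: &str = match auth_header.and_then(|value| value.to_str().ok()) {
            Some(token) if !token.is_empty() => token,
            _ => return ready(Err(ErrorUnauthorized("Invalid auth token!"))),
        };

        // Missing app data means the server was wired up incorrectly; report it as a
        // 500 instead of unwinding inside the extractor.
        let Some(state) = req.app_data::<web::Data<AppState>>() else {
            return ready(Err(ErrorInternalServerError("Internal server error")));
        };
        let secret: String = state.secret.to_string();

        // Verify the signature with the shared secret. `Validation::new(Algorithm::HS256)`
        // restricts the accepted algorithm to HS256, so a token declaring another `alg`
        // is rejected.
        // NOTE(review): expiry and other registered-claim checks follow the defaults of
        // the jsonwebtoken version in use; confirm `exp` is enforced.
        let decoded: Result<TokenData<Claims>, JwtError> = decode::<Claims>(
            auth_token,
            &DecodingKey::from_secret(secret.as_bytes()),
            &Validation::new(Algorithm::HS256),
        );

        // The token is a bearer credential and is deliberately not printed or logged:
        // anyone with read access to the process output could replay it.

        match decoded {
            Ok(token) => ready(Ok(AuthenticationToken {
                id: token.claims.id,
            })),
            // One generic message for every verification failure, so the response does
            // not reveal whether the signature, the format or a claim was at fault.
            Err(_) => ready(Err(ErrorUnauthorized("Unauthorized!"))),
        }
    }
}

/*
Example execution in curl:
curl localhost:8000/auth/protected
-H "Accept: application/json"
-H "Authorization: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MSwiZXhwIjoxNzY5MjAyNjU1fQ.QbWkgjmbmMwLJnia6vd67EfRkf6y-4nw572g-Nk0BOE"
*/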