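var passport = require('passport'),
    LocalStrategy = require('passport-local').Strategy,
    crypto = require('crypto'),
    db = require('./db');

/**
 * Passport wiring for username/password login.
 *
 * Exposes the session (de)serializers, the local-strategy verify callback,
 * the password check and the login route handler. Members reference each
 * other through `auth` so they can be passed around as bare callbacks.
 */
var auth = module.exports = {
  /** Registers the session (de)serializers and the local strategy with passport. */
  init: function () {
    passport.serializeUser(auth.serializeUser);
    passport.deserializeUser(auth.deserializeUser);
    passport.use(new LocalStrategy(auth.verifyLocalUser));
  },

  /** Stores only the user id in the session. */
  serializeUser: function (user, done) {
    done(null, user.id);
  },

  /**
   * Loads the user for a session id.
   *
   * A missing user is reported as `done(null, false)` rather than as an
   * error: passport then drops the stale session login instead of failing
   * the request. The original passed the boolean `!user` as the error value.
   * A rejected lookup is forwarded so the request cannot hang.
   */
  deserializeUser: function (id, done) {
    db.getUser(id).then(function (user) {
      done(null, user || false);
    }, function (err) {
      done(err || new Error('user lookup failed'));
    });
  },

  /**
   * Compares the supplied password with the stored hash.
   *
   * @param {Object} user - record exposing `get('password')`
   * @param {string|Buffer} pw - candidate password
   * @returns {boolean} true only when the SHA-1 hex digest of `pw` equals the stored value
   */
  validPassword: function (user, pw) {
    // Anything other than a string/Buffer would make update() throw; treat it
    // as a failed login instead of an exception inside the verify callback.
    if (typeof pw !== 'string' && !Buffer.isBuffer(pw)) {
      return false;
    }
    // NOTE(review): unsalted SHA-1 is not a password hash. Stored credentials
    // should be migrated to a salted, deliberately slow KDF (e.g. crypto.pbkdf2
    // or scrypt); that needs a re-hash of existing records, so the algorithm is
    // left unchanged here. The `===` comparison is also not constant-time.
    var shasum = crypto.createHash('sha1');
    shasum.update(pw);
    return user.get('password') === shasum.digest('hex');
  },

  /**
   * Verify callback for the local strategy.
   *
   * The previous version returned `done(null, user)` as soon as the username
   * was found, so the password was never checked and the checks below were
   * unreachable. That shortcut is removed: login now succeeds only when
   * validPassword() accepts the supplied password.
   */
  verifyLocalUser: function (username, password, done) {
    db.getUserByUsername(username).then(function (user) {
      // NOTE(review): the two failure messages differ, which tells a caller
      // whether a username exists. Consider a single generic message if the
      // client does not rely on the distinction.
      if (!user) {
        return done(null, false, { error: { errors: { username: { message: 'No such username.' } } } });
      }
      if (!auth.validPassword(user, password)) {
        return done(null, false, { error: { errors: { password: { message: 'Incorrect password.' } } } });
      }
      return done(null, user);
    }, function (err) {
      // Surface lookup failures instead of leaving the request pending.
      done(err || new Error('user lookup failed'));
    });
  },

  /**
   * Route handler for the login POST: runs the local strategy and answers
   * with JSON (or a redirect to /login when no failure info is available).
   */
  loggedInLocal: function (req, res, next) {
    passport.authenticate("local", function (err, user, info) {
      if (err) {
        return res.json({ error: err });
      }
      if (!user) {
        return info ? res.json(info) : res.redirect("/login");
      }
      // TODO: record last_seen for the user on successful login (was sketched
      // in commented-out code, never enabled).
      req.logIn(user, function (err) {
        if (err) {
          return next(err);
        }
        // NOTE(review): returnTo is read from the session and handed to the
        // client as a navigation target; confirm that whatever sets it only
        // ever stores same-origin paths.
        var returnTo = req.session.returnTo;
        delete req.session.returnTo;
        return res.json({ status: "OK", returnTo: returnTo || "/index" });
      });
    })(req, res, next);
  },
};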