auth = require 'basic-auth'
Q = require "q"
Client = require("../model/clients").Client
logger = require "winston"
crypto = require "crypto"

bcrypt = require 'bcryptjs'

config = require '../config/config'
statsdServer = config.get 'statsd'
application = config.get 'application'
SDC = require 'statsd-client'
os = require 'os'

domain = "#{os.hostname()}.#{application.name}.appMetrics"
sdc = new SDC statsdServer

bcryptCompare = (pass, client, callback) -> bcrypt.compare pass, client.passwordHash, callback

cryptoCompare = (pass, client, callback) ->
  hash = crypto.createHash client.passwordAlgorithm
  hash.update pass
  hash.update client.passwordSalt
  if hash.digest('hex') == client.passwordHash
    callback null, true
  else
    callback null, false

comparePasswordWithClientHash = (pass, client, callback) ->
  if client.passwordAlgorithm in crypto.getHashes()
    cryptoCompare pass, client, callback
  else
    bcryptCompare pass, client, callback


exports.authenticateUser = (ctx, done) ->
  user = auth ctx

  if user
    Client.findOne { clientID: user.name }, (err, client) ->
      return done err if err

      if client
        if not (client.passwordAlgorithm and client.passwordHash)
          logger.warn "#{user.name} does not have a basic auth password set"
          return done null, null

        comparePasswordWithClientHash user.pass, client, (err, res) ->
          return done err if err

          if res
            logger.info "#{user.name} is authenticated."
            ctx.authenticated = client
            ctx.authenticationType = 'basic'
            done null, client
          else
            logger.info "#{user.name} could NOT be authenticated, trying next auth mechanism if any..."
            done null, null
      else
        logger.info "#{user.name} not found, trying next auth mechanism if any..."
        done null, null
  else
    logger.info "No basic auth details supplied, trying next auth mechanism if any..."
    ctx.authenticated = null # Set to empty object rather than null
    done null, null

###
# Koa middleware for authentication by basic auth
###
exports.koaMiddleware = (next) ->
  startTime = new Date() if statsdServer.enabled
  if this.authenticated?
    yield next
  else
    authenticateUser = Q.denodeify exports.authenticateUser
    yield authenticateUser this
    if this.authenticated?.clientID?
      this.header['X-OpenHIM-ClientID'] = this.authenticated.clientID
    sdc.timing "#{domain}.basicAuthMiddleware", startTime if statsdServer.enabled
    yield next