/*
package main

import (
	"log"
	"net/http"
)

func newIdentity(w http.ResponseWriter, r *http.Request) {
	log.Println("New Account")
	return
}

func main() {

	//pool = getDbPool()

	http.HandleFunc("/identity/new-account", newIdentity)
	log.Println("Server running on :8082")
	log.Fatal(http.ListenAndServe(":8082", nil))
}
*/

package main

import (
	"context"
	"encoding/json"
	"errors"
	"log"
	"net/http"
)

type LoginRequest struct {
	AccountID int64  `json:"account_id"`
	Username  string `json:"username"`
	Password  string `json:"password"`
}

/*
type Server struct {
	DB *pgxpool.Pool
}
*/

func LoginHandler(w http.ResponseWriter, r *http.Request) {
	//ctx := r.Context()

	var req LoginRequest
	var ok bool
	err := json.NewDecoder(r.Body).Decode(&req)
	if err != nil {
		http.Error(w, "invalid request", http.StatusBadRequest)
		return
	}

	var storedHash string

	err = pool.QueryRow(
		context.Background(),
		`SELECT password_hash
		 FROM identities
		 WHERE accountid=$1 AND provider_user_id=$2`,
		req.AccountID,
		req.Username,
	).Scan(&storedHash)

	if err != nil {
		http.Error(w, "invalid credentials", http.StatusUnauthorized)
		return
	}

	ok = verifyPassword(req.Password, storedHash)
	if err != nil {
		log.Println(err)
		http.Error(w, "authentication error", http.StatusInternalServerError)
		return
	}

	if !ok {
		http.Error(w, "invalid credentials", http.StatusUnauthorized)
		return
	}

	w.WriteHeader(http.StatusOK)
	w.Write([]byte("login successful"))
}

type argonParams struct {
	memory      uint32
	iterations  uint32
	parallelism uint8
	keyLength   uint32
}

func decodeHash(encoded string) (*argonParams, []byte, []byte, error) {
	// Placeholder for PHC parsing implementation
	return nil, nil, nil, errors.New("decodeHash not implemented")
}

func main() {
	pool = getDbPool()

	http.HandleFunc("/identity/create-local-identity", createLocalHandler)
	http.HandleFunc("/identity/authenticate", authenticateHandler)

	log.Println("server running on :8080")
	http.ListenAndServe(":8080", nil)
}