lapis = require "lapis"
db = require "lapis.db"
csrf = require "lapis.csrf"
encoding = require "lapis.util.encoding"

import capture_errors from require "lapis.application"
import assert_valid from require "lapis.validate"
import respond_to from require "lapis.application"

require "models.user"

class App extends lapis.Application
  [index: "/"]: =>
    @user = @session.user
    render: true

  [list: "/list"]: =>
    user = Users\find id: @session.user
    @list = Users\select!
    render: true

  [register: "/register"]: capture_errors respond_to {
    GET: =>
      @csrf_token = csrf.generate_token @
      render: true

    POST: =>
      csrf.assert_token @
      assert_valid @params, {
        { "email", exists: true, min_length: 3 }
        { "password", exists: true, min_length: 3 }
        { "password_again", equals: @params.password }
        { "name", exists: true, min_length: 3}
      }

      @params.password = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password)
      @params.password_again = nil
      @params.csrf_token = nil
      @params.extension = "9001"
      @params.registrar_password = encoding.encode_base64 encoding.hmac_sha1(@params.email, os.time!)

      if Users\find email: @params.email
        @title = "Failure"
        return status: 500, "User with that email already exists"

      user = Users\create @params
      user\write_session @

      @title = "Success"

      @html ->
        h1 "Success"
        p ->
          text "Your email is " .. user.email
        p ->
          text "Your extension is " .. user.id
        p ->
          text "Your sip password is "
          code user.registrar_password

        p "This will not be shown again so please be sure to write this down."

  }

  [login: "/login"]: capture_errors respond_to {
    GET: =>
      @csrf_token = csrf.generate_token @
      render: true

    POST: =>
      csrf.assert_token @
      assert_valid @params, {
        { "email", exists: true, min_length: 3 }
        { "password", exists: true, min_length: 3 }
      }

      user = Users\find email: @params.email

      cmppass = encoding.encode_base64 encoding.hmac_sha1("ninjas", @params.password)

      if user.password == cmppass
        user\write_session @

        @title = "Login successful"

        return "Hi " .. user.name
      else
        @title = "Login failure"
        return status: 500, "bad password"
  }

  [freeswitch: "/freeswitch"]: respond_to {
    POST: =>
      uid = @params["user"] or @params["sip_auth_username"]
      @user = Users\find id: uid

      render: true, layout: false
  }