from django.core.exceptions import ValidationError
from django import forms
from django.shortcuts import render
from django.http import HttpResponse, HttpResponseBadRequest, HttpResponseNotAllowed, HttpResponseNotFound
from django.shortcuts import redirect
from django.contrib.auth.decorators import login_required
from warpauth.ldap_connector import LDAPConnector
from warpauth.models import LdapUser, LdapUserForm
from warpauth.util import *
import logging
from django.conf import settings
import bcrypt

##
# http://www.python-ldap.org/doc/html/ldap.html#ldap.LDAPObject
# ToDo: first- and lastname, email, public?
##


def set_user_object(request):
    page_context['ldap_groups'] = request.user.ldap_user.group_names
    page_context['ldap_user_form'] = LdapUserForm(instance=LdapUser.objects.get(uid=str(request.user)))

 
def clear_error_messages():
    page_context["error_info"] = ""
    page_context["success_info"] = False
    page_context["error_passwd"] = ""
    page_context["success_passwd"] = False
    page_context["error_warp_pay_settings"] = ""
    page_context["success_warp_pay_settings"] = False

    page_context["selected_tab"] = ""

    
@login_required(login_url=settings.LOGIN_URL, redirect_field_name=None)
def index(request):
    clear_error_messages()
    page_context['ldap_groups'] = request.user.ldap_user.group_names
    page_context['ldap_user_form'] = LdapUserForm(instance=LdapUser.objects.get(uid=str(request.user)))
    return HttpResponse(render(request, 'warpauth/profile.html', page_context))


@login_required(login_url=settings.LOGIN_URL, redirect_field_name=None)
def change_information(request):
    clear_error_messages()
    set_user_object(request)
    if request.method != 'POST':
        return redirect("profile_index")

    user = LdapUser.objects.get(uid=str(request.user))
    if "first_name" in request.POST:
        first_name = request.POST["first_name"]
    if "last_name" in request.POST:
        last_name = request.POST["last_name"]
    
    if "card_id" in request.POST:
        card_id = request.POST["card_id"]
    else:
        card_id = 0

    if "email" not in request.POST:
        page_context["error_info"] = "err_invalid_email"
        return HttpResponse(render(request, 'warpauth/profile.html', page_context))
        
    email = request.POST["email"]
    f = forms.EmailField()
    try:
        f.clean(email)
    except ValidationError as e:
        page_context["error_info"] = "err_invalid_email"
        return HttpResponse(render(request, 'warpauth/profile.html', page_context))
    cn = first_name + " " + last_name
    cn = cn.strip()
    if first_name == "":
        first_name = "None"
    if last_name == "":
        last_name = "None"
    if cn == "":
        cn = "None"

    user.first_name = first_name
    user.last_name = last_name
    user.cn = cn
    user.email = email
    user.card_id = card_id

    user.save()

    page_context["success_info"] = True
    set_user_object(request)
    return HttpResponse(render(request, 'warpauth/profile.html', page_context))


@login_required(login_url=settings.LOGIN_URL, redirect_field_name=None)
def warp_pay_settings(request):
    page_context["selected_tab"] = "#warp_pay"
    if request.method == 'POST':
        user = LdapUser.objects.get(uid=str(request.user))
        if request.POST["new_pin"] != "":
           # if not "curr_pw" in request.POST or not request.user.check_password(request.POST["curr_pw"]):
           #     page_context["error_warp_pay_settings"] = "wrong_password"
            if request.POST["new_pin"].isnumeric() and request.POST["new_pin"] == request.POST["new_pin_confirm"]:
                pin = request.POST["new_pin"].encode('utf-8')
                user.pinCode = bcrypt.hashpw(pin, bcrypt.gensalt(10,prefix=b"2a")).decode('utf-8')
                user.save()
                page_context["success_warp_pay_settings"] = True
            else:
                page_context["error_warp_pay_settings"] = "pin_repeat_wrong"

    set_user_object(request)
    return HttpResponse(render(request, 'warpauth/profile.html', page_context))


@login_required(login_url=settings.LOGIN_URL, redirect_field_name=None)
def change_password(request):
    clear_error_messages()
    page_context["selected_tab"]="#change_passwd"
    if request.method != 'POST':
        return redirect("profile_index")
    print("old_pw" == "")
    if request.POST["old_pw"] == "" or request.POST["new_pw"]  == "" or request.POST["new_pw_confirm"] == "":
        page_context["error_passwd"] = "Please fill in all fields"
    elif request.POST["new_pw"] != request.POST["new_pw_confirm"]:
        page_context["error_passwd"] = "Password confirmation did not match"
    else:
        ldap_connector = LDAPConnector()
        ret = ldap_connector.change_user_password(request.user.ldap_user.dn, request.POST["old_pw"], request.POST["new_pw"])
        if ret == -1:
            page_context["error_passwd"] = "Old password did not match"
        else:
            send_password_change_notification(LdapUser.objects.get(uid=str(request.user)))
            page_context["success_passwd"] = True
    page_context['ldap_groups'] = request.user.ldap_user.group_names
    page_context['ldap_user_form'] = LdapUserForm(instance=LdapUser.objects.get(uid=str(request.user)))
    return HttpResponse(render(request, 'warpauth/profile.html', page_context))