import secrets
import sys
import os
sys.path.append(os.path.join(os.path.dirname(__file__), ".."))

import argparse
from dotenv import load_dotenv

from sqlalchemy import select
from sqlalchemy.orm import Session
from argon2 import PasswordHasher

load_dotenv()

from app.models import *
from app.database import SessionLocal

def __get_user_by_email(db: Session, email: str):
    stmt = select(user.User).where(user.User.email == email)
    result = db.execute(stmt)
    return result.scalars().first()

def create_user(args):
    hasher = PasswordHasher(memory_cost=102400)
    with SessionLocal() as db:
        db_user = __get_user_by_email(db, args.email)
        if db_user is not None:
            print(f'Error: A user with email \'{args.email}\' already exists.')
            sys.exit(1)
        hashed_password = hasher.hash(args.password)
        db_user = user.User(
            friendly_name=args.name, email=args.email, password=hashed_password
        )
        db.add(db_user)
        db.commit()
        print(f'Success: Created user \'{args.email}\'.')

def reset_password(args):
    hasher = PasswordHasher(memory_cost=102400)
    with SessionLocal() as db:
        db_user = __get_user_by_email(db, args.email)
        if db_user is None:
            print(f'Error: No user with email \'{args.email}\' found.')
            sys.exit(1)
        db_user.password = hasher.hash(args.password)
        db.commit()
        print(f'Success: Changed password for user \'{args.email}\'.')

def set_role(args):
    with SessionLocal() as db:
        db_user = __get_user_by_email(db, args.email)
        if db_user is None:
            print(f'Error: No user with email \'{args.email}\' found.')
            sys.exit(1)
        db_user.role = user.Role(args.role)
        db.commit()
        print(f'Success: Role of user \'{args.email}\' changed to \'{db_user.role}\'.')

def generate_secret(args):
    print(f'Your secret: {secrets.token_urlsafe(64)}')

if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    subparsers = parser.add_subparsers(help="subcommands", required=True)

    p_create_user = subparsers.add_parser('user_create', help='Create a new user')
    p_create_user.add_argument('--email', type=str, required=True, help='Email of the new user')
    p_create_user.add_argument('--password', type=str, required=True, help='Password for the new user')
    p_create_user.add_argument('--name', type=str, required=False, help='Display name of the new user')
    p_create_user.add_argument('--role', type=str, choices=('member', 'administrator'), default='member', required=False, help='Role of the new user')
    p_create_user.set_defaults(func=create_user)

    p_reset_password = subparsers.add_parser('user_reset_password', help='Reset password for a user')
    p_reset_password.add_argument('--email', type=str, required=True, help='Email of the user to modify')
    p_reset_password.add_argument('--password', type=str, required=True, help='New password for the specified user')
    p_reset_password.set_defaults(func=reset_password)

    p_set_role = subparsers.add_parser('user_set_role', help='Update role of a user')
    p_set_role.add_argument('--email', type=str, required=True, help='Email of the user to modify')
    p_set_role.add_argument('--role', type=str, choices=('member', 'administrator'), required=True, help='New role for the specified user')
    p_set_role.set_defaults(func=set_role)

    p_set_role = subparsers.add_parser('generate_secret', help='Generate safe to use secret for token signing')
    p_set_role.set_defaults(func=generate_secret)

    args = parser.parse_args()
    args.func(args)