import {setupApphierarchy, validUser,
    basicAppHierarchyCreator_WithFields} from "./specHelpers";
import { parseTemporaryCode,
    userAuthFile,
    USERS_LIST_FILE,
    getUserByName} from "../src/authApi/authCommon";


describe("authApi > changeMyPassword", () => {

    it("should be able to authenticate after a change", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "firstpassword");
        const firstPasswordCheck = await authApi.authenticate(u.name, "firstpassword");
        expect(firstPasswordCheck).not.toBeNull();
        const changeResult = await authApi.changeMyPassword("firstpassword", "secondpassword");
        expect(changeResult).toBe(true);
        const firstPasswordReCheck = await authApi.authenticate(u.name, "firstpassword");
        expect(firstPasswordReCheck).toBeNull();
        const secondPasswordCheck = await authApi.authenticate(u.name, "secondpassword");
        expect(secondPasswordCheck).not.toBeNull();
    });

    it("should not change password if current password is incorrect", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "firstpassword");
        const changeResult = await authApi.changeMyPassword("not-firstpassword", "secondpassword");
        expect(changeResult).toBe(false);
        const secondPasswordCheck = await authApi.authenticate(u.name, "secondpassword");
        expect(secondPasswordCheck).toBeNull();
    });

    it("should be allowed with no permissions", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "firstpassword");
        app.withNoPermissions();
        await authApi.changeMyPassword("firstpassword", "secondpassword");
    });

});


describe("authApi > resetPasswordFlow", () => {

    it("should successfully set password from temporary access", async () => {
        const {authApi,app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app,authApi, "firstpassword");

        const tempCode = await authApi.createTemporaryAccess(u.name);

        const result = await authApi.setPasswordFromTemporaryCode(tempCode,"secondpassword");
        expect(result).toBe(true);
        const secondPasswordCheck = await authApi.authenticate(u.name, "secondpassword");
        expect(secondPasswordCheck).not.toBeNull();

    });

    it("should not set password when temporary access expired", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "firstpassword");

        const tempCode = await authApi.createTemporaryAccess(u.name);

        const userAuth = await app.datastore.loadJson(
            userAuthFile(u.name)
        );
        userAuth.temporaryAccessExpiryEpoch = 0;
        await app.datastore.updateJson(
            userAuthFile(u.name), userAuth
        );
        const result = await authApi.setPasswordFromTemporaryCode(tempCode,"secondpassword");
        expect(result).toBe(false);
        const secondPasswordCheck = await authApi.authenticate(u.name, "secondpassword");
        expect(secondPasswordCheck).toBeNull();

    });

    it("should still be able to authenticate with password when temp access is set", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "firstpassword");

        await authApi.createTemporaryAccess(u.name);

        const secondPasswordCheck = await authApi.authenticate(u.name, "firstpassword");
        expect(secondPasswordCheck).not.toBeNull();

    });

});

describe("authApi > createTemporaryAccess", () => {

    it("should set users accessId annd userAuth hash and expiry", async () => {

        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "firstpassword");

        const tempCode = await authApi.createTemporaryAccess(u.name);
        const tempInfo = parseTemporaryCode(tempCode);

        const userAuth = await app.datastore.loadJson(
            userAuthFile(u.name)
        );

        const currentTime = await app.getEpochTime();
        expect(app.crypto.verify(userAuth.temporaryAccessHash, tempInfo.code)).toBeTruthy();
        expect(userAuth.temporaryAccessExpiryEpoch).toBeGreaterThan(currentTime);

        const users = await app.datastore.loadJson(USERS_LIST_FILE);
        const user = getUserByName(users, u.name);

        expect(user.temporaryAccessId).toBe(tempInfo.id);

    });

    it("should be allowed with no permissions", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "firstpassword");
        app.withNoPermissions();
        await authApi.createTemporaryAccess(u.name);
    });

});