package services

import (
	"crypto/md5"
	"encoding/hex"
	"errors"
	"strings"

	"server/models"
	"server/pkg/jwtutil"
)

type PlatformLoginUser struct {
	ID      uint64
	Account string
	Name    string
	Rid     uint64
	Avatar  string
}

func md5Hex(s string) string {
	sum := md5.Sum([]byte(s))
	return hex.EncodeToString(sum[:])
}

// PlatformLogin 平台登录业务（仅允许平台用户 yz_admin_user 登录）
func PlatformLogin(account, password string) (string, *PlatformLoginUser, error) {
	account = strings.TrimSpace(account)
	password = strings.TrimSpace(password)
	if account == "" || password == "" {
		return "", nil, errors.New("用户名或密码不能为空")
	}

	var user models.AdminUser
	err := models.Orm.QueryTable(new(models.AdminUser)).
		Filter("account", account).
		One(&user)
	if err != nil {
		return "", nil, errors.New("用户名或密码错误")
	}
	if user.Password != md5Hex(password) {
		return "", nil, errors.New("用户名或密码错误")
	}

	if user.Status == 0 {
		return "", nil, errors.New("账号已禁用")
	}
	const fakeTenantID = 0
	const userType = "platform"
	token, err := jwtutil.GenerateToken(int(user.ID), user.Account, fakeTenantID, userType)
	if err != nil {
		return "", nil, err
	}

	name := ""
	if user.Name != nil {
		name = *user.Name
	}
	avatar := ""
	if user.Avatar != nil {
		avatar = *user.Avatar
	}
	loginUser := &PlatformLoginUser{
		ID:      user.ID,
		Account: user.Account,
		Name:    name,
		Rid:     user.RoleID,
		Avatar:  avatar,
	}
	return token, loginUser, nil
}