import { Inject, Injectable, ForbiddenException } from '@nestjs/common'
import * as bcrypt from 'bcrypt'
import { PrismaService } from 'nestjs-prisma'
import { JwtService } from '@nestjs/jwt'
import { securityConfig, SecurityConfig } from 'src/common/configs'
import { CreateUserDto } from 'src/users/dto/create-user.dto'
import { EmailSendDto, EmailScene } from 'src/email/dto/email.dto'
import { EmailService } from 'src/email/email.service'
import { Prisma } from '@prisma/client'
import { TokenService } from './token.service'

@Injectable()
export class UsersService {
  constructor(
    private jwtService: JwtService,
    private prismaService: PrismaService,
    private emailService: EmailService,
    private tokenService: TokenService,
    @Inject(securityConfig.KEY)
    private secureConfig: SecurityConfig,
  ) {}

  async register(userToCreate: CreateUserDto) {
    await this.verifyEmail(
      userToCreate.email,
      userToCreate.token,
      userToCreate.verificationCode,
      EmailScene.register,
    )
    return this.createUser(userToCreate)
  }

  private async verifyEmail(
    email: string,
    token: string,
    verificationCode: string,
    scene: EmailScene,
  ) {
    const payload = this.jwtService.verify<EmailSendDto>(token, {
      secret: this.emailService.getEmailJwtSecret(verificationCode, scene),
    })
    if (payload.email !== email || payload.scene !== scene) {
      throw new ForbiddenException('请输入正确的邮箱验证码')
    }
  }

  private async createUser(userToCreate: Prisma.UserCreateInput) {
    const hashedPassword = await bcrypt.hash(
      userToCreate.password,
      this.secureConfig.bcryptSaltOrRound,
    )
    const user = await this.prismaService.user.create({
      data: {
        username: userToCreate.username,
        email: userToCreate.email,
        password: hashedPassword,
      },
    })
    return this.tokenService.generateTokens({ userId: user.id })
  }
}