"""
OnlyLegs - Authentication
User registration, login and logout and locking access to pages behind a login
"""
import re
import logging

from flask import Blueprint, flash, redirect, request, url_for, abort, jsonify
from werkzeug.security import check_password_hash, generate_password_hash

from flask_login import login_user, logout_user, login_required

from sqlalchemy.orm import sessionmaker
from gallery import db


blueprint = Blueprint('auth', __name__, url_prefix='/auth')
db_session = sessionmaker(bind=db.engine)
db_session = db_session()


@blueprint.route('/login', methods=['POST'])
def login():
    """
    Log in a registered user by adding the user id to the session
    """
    error = []

    username = request.form['username'].strip()
    password = request.form['password'].strip()
    remember = bool(request.form['remember-me'])

    user = db_session.query(db.Users).filter_by(username=username).first()

    if not user or not check_password_hash(user.password, password):
        logging.error('Login attempt from %s', request.remote_addr)
        error.append('Username or Password is incorrect!')

    if error:
        abort(403)

    login_user(user, remember=remember)

    logging.info('User %s logged in from %s', username, request.remote_addr)
    flash(['Logged in successfully!', '4'])
    return 'ok', 200


@blueprint.route('/register', methods=['POST'])
def register():
    """
    Register a new user
    """
    error = []

    # Thanks Fennec for reminding me to strip out the whitespace lol
    username = request.form['username'].strip()
    email = request.form['email'].strip()
    password = request.form['password'].strip()
    password_repeat = request.form['password-repeat'].strip()

    email_regex = re.compile(r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b')
    username_regex = re.compile(r'\b[A-Za-z0-9._-]+\b')

    # Validate the form
    if not username or not username_regex.match(username):
        error.append('Username is invalid!')

    if not email or not email_regex.match(email):
        error.append('Email is invalid!')

    if not password:
        error.append('Password is empty!')
    elif len(password) < 8:
        error.append('Password is too short! Longer than 8 characters pls')

    if not password_repeat:
        error.append('Enter password again!')
    elif password_repeat != password:
        error.append('Passwords do not match!')

    user_exists = db_session.query(db.Users).filter_by(username=username).first()
    if user_exists:
        error.append('User already exists!')

    # If there are errors, return them
    if error:
        print(error)
        return jsonify(error), 400

    register_user = db.Users(username=username, email=email,
                             password=generate_password_hash(password, method='sha256'))
    db_session.add(register_user)
    db_session.commit()

    logging.info('User %s registered', username)
    return 'ok', 200


@blueprint.route('/logout')
@login_required
def logout():
    """
    Clear the current session, including the stored user id
    """
    logout_user()
    flash(['Goodbye!!!', '4'])
    return redirect(url_for('gallery.index'))