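# -*- coding: utf-8 -*-
"""JWT-based authentication endpoints for the OpenERP/Odoo HTTP layer.

``Auth`` issues and checks HS256 JSON Web Tokens for ``res.users`` records;
``ApiManager`` is a placeholder for token-protected REST endpoints.
"""
import json
import logging

import jwt
import werkzeug.wrappers
from passlib.context import CryptContext

from openerp import http
from openerp.http import request
from openerp.tools import config

_logger = logging.getLogger(__name__)

# Password hashing context: new hashes use pbkdf2_sha512; md5_crypt hashes are
# still verified but flagged as deprecated so they can be migrated.
crypt_context = CryptContext(
    ['pbkdf2_sha512', 'md5_crypt'],
    deprecated=['md5_crypt'],
)

# Signing key that earlier versions of this module hard-coded. Kept only as a
# fallback so existing deployments keep verifying their issued tokens; a key
# that lives in source control is not secret, so set ``jwt_secret_key`` in the
# server configuration file instead.
_LEGACY_JWT_SECRET_KEY = '@MjSk$2016?'


def _load_jwt_secret_key():
    """Return the JWT signing key from the server config, or the legacy default.

    Reads the ``jwt_secret_key`` option of the server configuration. When it is
    absent or empty, logs a warning and returns the legacy built-in key so that
    tokens issued by previous versions still verify.
    """
    key = config.get('jwt_secret_key')
    if key:
        return key
    _logger.warning(
        "jwt_secret_key is not set in the server configuration; falling back "
        "to the built-in legacy key. Configure a per-deployment secret.")
    return _LEGACY_JWT_SECRET_KEY


class Auth(http.Controller):
    """Issue and verify JWT tokens for ``res.users`` logins.

    Both routes use ``auth='none'`` because they *are* the login mechanism;
    every check happens explicitly inside the handlers. Tokens carry only the
    user id, never the password: a JWT is merely base64-encoded and signed, so
    anything placed in the payload is readable by whoever holds the token.

    Note: issued tokens have no ``exp`` claim, so a token stays valid until the
    ``jwt_token`` field on the user is cleared or overwritten by a new login.
    """

    JWT_SECRET_KEY = _load_jwt_secret_key()
    JWT_ALGORITHM = 'HS256'

    # --------------------------------------------------------------------------
    # Generate JWT token based on username and password field
    # --------------------------------------------------------------------------
    @http.route(['/api/jwt'], type='http', auth='none', methods=['POST'], cors='*')
    def get_jwt(self, **args):
        """Issue a token for the ``username`` / ``password`` POST fields.

        Returns a JSON string:
          * ``{"token": <jwt>}`` when an active user with that login exists and
            the password verifies against ``password_crypt``;
          * ``{"error": "invalid user or password"}`` otherwise;
          * ``{"error": "fields required"}`` when either field is missing.
        Unexpected failures are logged with a traceback and reported as
        ``fields required`` to keep the response shape callers already expect.
        """
        try:
            username = args['username']
            password = args['password']
        except KeyError:
            return json.dumps({'error': 'fields required'})
        try:
            users = request.env['res.users'].sudo()
            # login is unique on res.users, so limit=1 only avoids a multi-record
            # recordset reaching the singleton field access below.
            user = users.search(
                [('login', '=', username), ('active', '=', True)], limit=1)
            # A user without a stored hash cannot be verified; treat it as a
            # failed login rather than letting verify() raise.
            if (not user or not user.password_crypt
                    or not self.get_crypt_context().verify(password, user.password_crypt)):
                return json.dumps({'error': 'invalid user or password'})
            encoded = jwt.encode(
                {'uid': user.id}, self.JWT_SECRET_KEY, algorithm=self.JWT_ALGORITHM)
            # Some PyJWT versions return bytes; normalise so the value stores and
            # serialises the same way everywhere.
            if isinstance(encoded, bytes):
                encoded = encoded.decode('ascii')
            user.write({'jwt_token': encoded})
            return json.dumps({'token': encoded})
        except Exception:
            _logger.exception("token issuance failed for login %r", username)
            return json.dumps({'error': 'fields required'})

    # --------------------------------------------------------------------------
    # Check JWT token auth
    # --------------------------------------------------------------------------
    @http.route(['/api/check'], type='http', auth='none', cors='*')
    def check_token(self, **args):
        """Report whether the ``token`` field is a currently valid issued token.

        ``{"token": "valid"}`` is returned only when the token is stored on an
        active user, its signature verifies under the configured key, and its
        ``uid`` claim names that same user. Any other token, including one that
        fails signature verification, yields ``{"token": "invalid"}``.
        ``{"error": "token required"}`` is returned when the field is missing
        or an unexpected error occurs (which is logged).
        """
        try:
            token = args['token']
        except KeyError:
            return json.dumps({'error': 'token required'})
        try:
            user = request.env['res.users'].sudo().search(
                [('jwt_token', '=', token), ('active', '=', True)], limit=1)
            if not user:
                return json.dumps({'token': 'invalid'})
            try:
                decoded = jwt.decode(
                    token, self.JWT_SECRET_KEY, algorithms=[self.JWT_ALGORITHM])
            except jwt.InvalidTokenError:
                # Tampered, mis-signed or malformed token: a definite answer,
                # not a server error.
                return json.dumps({'token': 'invalid'})
            # Bind the token to the record it was looked up on, so a token
            # copied onto another user's jwt_token field does not validate.
            if decoded.get('uid') == user.id:
                return json.dumps({'token': 'valid'})
            return json.dumps({'token': 'invalid'})
        except Exception:
            _logger.exception("token check failed")
            return json.dumps({'error': 'token required'})

    # --------------------------------------------------------------------------
    # Get context for encryption
    # --------------------------------------------------------------------------
    def get_crypt_context(self):
        """Return the module-level passlib ``CryptContext`` used for passwords."""
        return crypt_context


class ApiManager(http.Controller):
    """Placeholder controller for REST endpoints.

    ``auth='none'`` bypasses Odoo's session authentication, and the handler
    below performs no token check of its own yet, so nothing here is protected
    until the JWT verification from ``Auth.check_token`` is applied to it.
    """

    @http.route(['/api/customers'], type='http', auth='none', cors='*')
    def customers(self):
        """Not implemented: currently returns nothing."""
        pass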