package dethnote

import (
	"errors"
	"net/http"
	"strconv"

	"git.kirsle.net/apps/dethnote/src/vault"
)

// int form values...
func intFormValue(r *http.Request, name string) int {
	value, _ := strconv.Atoi(r.FormValue(name))
	return value
}

// CreateHandler covers the `/create` endpoint.
func (s *Server) CreateHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != http.MethodPost {
		WriteError(w, errors.New("Invalid request method"))
		return
	}

	// Parse the form fields.
	var (
		email          = r.FormValue("email")
		timeout        = intFormValue(r, "timeout")
		message        = r.FormValue("message")
		passwordLength = intFormValue(r, "length")
	)

	// Make a message object to hold this for now.
	m, err := vault.NewMessage(email, timeout, message, passwordLength)
	if err != nil {
		WriteError(w, err)
		return
	}

	// Begin the creation process.
	err = m.Create(s.root)
	if err != nil {
		WriteError(w, err)
		return
	}

	// Send them a verification email.
	s.SendVerificationEmail(r, m)

	// Store the hash path in the browser's cookies.
	s.SetCookie(w, "hash_path", vault.HashToFilename(m.PasswordHash))

	// OK! Redirect them to the "confirm your email" page.
	w.Header().Set("Location", "/verify-email")
	w.WriteHeader(http.StatusFound)
}