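/**
 * Passport configuration for Active Directory (LDAP) authentication.
 *
 * Registers an ActiveDirectoryStrategy that only accepts members of the
 * 'CDN-Access' group, plus the session serialize/deserialize hooks, and
 * exports the configured passport instance.
 */
const passport = require('passport');
const ActiveDirectoryStrategy = require('passport-activedirectory');
const fs = require('fs');
const path = require('path');
const { getUserData } = require('../Middlewares/watcherMiddleware');

// 'setup.json' is a relative path, so it is resolved against the process
// working directory, not against this file's directory.
// The file holds the LDAP bind password in clear text: keep it out of version
// control and restrict its file permissions to the service account.
const setupFilePath = path.join('setup.json');
const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));

passport.use(
  new ActiveDirectoryStrategy(
    {
      integrated: false,
      ldap: {
        // Passed through unchanged. With a plain ldap:// URL the bind password
        // and the users' credentials cross the network unencrypted; prefer
        // ldaps:// in setup.json.
        url: setupData.ldap.url,
        baseDN: setupData.ldap.baseDN,
        username: setupData.ldap.username,
        password: setupData.ldap.password,
      },
    },
    /**
     * Verify callback: authorises the authenticated profile only when its DN
     * is a member of the 'CDN-Access' group.
     *
     * @param {object} profile - Profile built by the strategy; `_json.dn` is read.
     * @param {object} ad - Directory client exposing `isUserMemberOf`.
     * @param {Function} done - Passport completion callback.
     */
    function (profile, ad, done) {
      ad.isUserMemberOf(profile._json.dn, 'CDN-Access', function (err, isMember) {
        if (err) {
          return done(err);
        }
        if (!isMember) {
          // Authenticated but not authorised: fail without raising an error.
          return done(null, false, { message: 'L\'utilisateur n\'est pas autorisé.' });
        }
        return done(null, profile);
      });
    }
  )
);

// Only `user.name` is kept in the session.
// NOTE(review): with the strategy's default profile mapping `profile.name` may
// be an object rather than a plain string — confirm what ends up in the session.
passport.serializeUser((user, done) => {
  done(null, user.name);
});

/**
 * Extracts the user name from a serialized session value.
 *
 * Accepts either a plain string or an object carrying a string `name`.
 *
 * @param {*} id - Value previously handed to `done` by serializeUser.
 * @returns {string|null} The name, or null when none can be determined.
 */
function sessionUserName(id) {
  let candidate;
  if (typeof id === 'string') {
    candidate = id;
  } else if (id != null) {
    candidate = id.name;
  }
  return typeof candidate === 'string' && candidate !== '' ? candidate : null;
}

passport.deserializeUser((id, done) => {
  // Fail closed: the previous lookup compared against `id.name`, which is
  // undefined whenever the session holds a plain string, so it could match any
  // record that has no `name` at all.
  const name = sessionUserName(id);
  if (name === null) {
    return done(new Error('User not valid'), null);
  }

  let users;
  try {
    users = getUserData();
  } catch (err) {
    return done(err);
  }

  // The session value and the user list are deliberately not logged: doing so
  // on every authenticated request copies account data into the application logs.
  const dottedName = `.${name}`;
  const user = Array.isArray(users)
    ? users.find((u) => u != null && (u.name === name || u.name === dottedName))
    : undefined;

  if (user) {
    return done(null, user);
  }
  return done(new Error('User not valid'), null);
});

module.exports = passport;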