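const passport = require('passport');
const ActiveDirectoryStrategy = require('passport-activedirectory');
const fs = require('fs');
const path = require('path');
const { getUserData } = require('../Middlewares/watcherMiddleware');

/**
 * Passport configuration: authenticates users against Active Directory and
 * restricts access to members of the 'CDN-Access' group.
 *
 * LDAP connection settings are read once, synchronously, at module load from
 * ../data/setup.json (first array entry, `ldap` key).
 */
const setupFilePath = path.join(__dirname, '../data', 'setup.json');
const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));

// Fail at startup with an explicit message instead of an opaque TypeError when
// the setup file lacks the expected structure.
const ldapSettings = Array.isArray(setupData) && setupData[0] ? setupData[0].ldap : undefined;
if (!ldapSettings) {
  throw new Error(`Missing LDAP settings in ${setupFilePath} (expected [0].ldap)`);
}

// NOTE(review): the bind account's password is read in clear text from
// setup.json. Confirm the file is excluded from version control and readable
// only by the service account.
// NOTE(review): confirm ldap.url uses ldaps://. Over plain ldap:// the bind
// credentials and the passwords users submit cross the network unencrypted.
passport.use(
  'ActiveDirectory',
  new ActiveDirectoryStrategy(
    {
      integrated: false,
      ldap: {
        url: ldapSettings.url,
        baseDN: ldapSettings.baseDN,
        username: ldapSettings.username,
        password: ldapSettings.password,
      },
    },
    // Verify callback: authorization is decided solely by membership of the
    // 'CDN-Access' group, looked up by the user's distinguished name.
    function (profile, ad, done) {
      ad.isUserMemberOf(profile._json.dn, 'CDN-Access', function (err, isMember) {
        if (err) {
          return done(err);
        }
        if (!isMember) {
          // Authentication succeeded but the user is not authorized.
          return done(null, false, { message: 'L\'utilisateur n\'est pas autorisé.' });
        }
        return done(null, profile);
      });
    }
  )
);

// Only `user.name` is stored in the session.
// NOTE(review): confirm `name` is a unique string on the profile returned by
// the strategy; deserializeUser compares it with `===` against stored names.
passport.serializeUser((user, done) => {
  done(null, user.name);
});

/**
 * Resolves the session identifier back to a user record from getUserData().
 * A failure of getUserData() (or of the lookup) is reported through `done`
 * rather than left as an unhandled promise rejection, which would leave the
 * request without a response.
 */
passport.deserializeUser(async (id, done) => {
  let user;
  try {
    const users = await getUserData();
    // A stored name with a leading dot is also accepted.
    // NOTE(review): confirm `name` and `.name` can never belong to different
    // accounts, otherwise a session could resolve to another user's record.
    user = users.find((u) => u.name === id || u.name === `.${id}`);
  } catch (err) {
    return done(err);
  }

  if (user) {
    return done(null, user);
  }
  return done(new Error('User not valid'), null);
});

module.exports = passport;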