// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .

package mfa

import (
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
	"github.com/TeaOSLab/EdgeUser/internal/web/actions/actionutils"
	"github.com/iwind/TeaGo/maps"
	"github.com/xlzd/gotp"
)

type EnableAction struct {
	actionutils.ParentAction
}

func (this *EnableAction) RunPost(params struct{}) {
	// 修改OTP
	otpLoginResp, err := this.RPC().LoginRPC().FindEnabledLogin(this.UserContext(), &pb.FindEnabledLoginRequest{
		Type: "otp",
	})
	if err != nil {
		this.ErrorPage(err)
		return
	}
	{
		var otpLogin = otpLoginResp.Login
		if otpLogin == nil {
			otpLogin = &pb.Login{
				Id:   0,
				Type: "otp",
				ParamsJSON: maps.Map{
					"secret": gotp.RandomSecret(16), // TODO 改成可以设置secret长度
				}.AsJSON(),
				IsOn:   true,
				UserId: this.UserId(),
			}
		} else {
			// 如果已经有了，就覆盖，这样可以保留既有的参数
			otpLogin.IsOn = true
		}

		_, err = this.RPC().LoginRPC().UpdateLogin(this.UserContext(), &pb.UpdateLoginRequest{Login: otpLogin})
		if err != nil {
			this.ErrorPage(err)
			return
		}
	}

	this.Success()
}