package password

import (
	"errors"

	"git.rosy.net.cn/jx-callback/business/auth2"
	"git.rosy.net.cn/jx-callback/business/model"
	"git.rosy.net.cn/jx-callback/business/model/dao"
)

const (
	AuthType = auth2.AuthTypePassword
)

type Auther struct {
	auth2.DefAuther
}

var (
	ErrUserAndPassNotMatch = errors.New("用户名密码不匹配")
)

func init() {
	auth2.RegisterAuther(AuthType, new(Auther))
}

func (a *Auther) VerifySecret(userID, passMD5 string) (authBind *model.AuthBind, err error) {
	if authBind, err = dao.GetAuthBind(nil, "", AuthType, userID, ""); err == nil {
		err = a.checkPassword(authBind, passMD5)
	} else if dao.IsNoRowsError(err) {
		err = auth2.ErrUserNotExist
	}
	return authBind, err
}

// 特殊接口
func (a *Auther) ChangePassword(userID, oldPassMD5, newPassMD5 string) (err error) {
	var authBind *model.AuthBind
	if authBind, err = dao.GetAuthBind(nil, "", AuthType, userID, ""); err == nil {
		if err = a.checkPassword(authBind, oldPassMD5); err == nil || authBind.AuthSecret == "" {
			authBind.AuthSecret = newPassMD5
			_, err = dao.UpdateEntity(nil, authBind, "AuthSecret")
		}
	} else if dao.IsNoRowsError(err) {
		err = auth2.ErrUserNotExist
	}
	return err
}

func (a *Auther) checkPassword(authBind *model.AuthBind, passMD5 string) (err error) {
	if authBind.AuthSecret != passMD5 {
		return ErrUserAndPassNotMatch
	}
	return nil
}