package art.servers.transactionsserver.model.access.login;

import art.library.interop.InteropParameters;
import art.library.interop.InteropResponse;
import art.library.interop.serialization.SerializationException;
import art.library.model.devices.user.UserIdentification;
import art.library.model.transactions.useraccess.AddressLogin;
import art.library.utils.licence.Licence;
import art.servers.transactionsserver.Shared;
import art.servers.transactionsserver.configuration.ConfigurationLoginBlockedManager;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;

public class LoginBlockedManager
{
    private int MINUTES_UNLOCK_USER = 15;
    private int MINUTES_UNLOCK_ADDRESS = 720;
    private int MAXIMUM_USER_LOGIN_ATTEMPS = 3;
    private int MAXIMUM_ADDRESS_LOGIN_ATTEMPS = 20;
    private boolean managerActivated = false;
    private BlockingNotificationEmailSender mailSender;
    
    public LoginBlockedManager(ConfigurationLoginBlockedManager configuration, BlockingNotificationEmailSender mailSender)
    {
        this.mailSender = mailSender;
        
        if (configuration != null)
        {
            managerActivated = configuration.activated;
            MINUTES_UNLOCK_USER = configuration.MINUTES_UNLOCK_USER;
            MINUTES_UNLOCK_ADDRESS = configuration.MINUTES_UNLOCK_ADDRESS;
            MAXIMUM_USER_LOGIN_ATTEMPS = configuration.MAXIMUM_USER_LOGIN_ATTEMPS;
            MAXIMUM_ADDRESS_LOGIN_ATTEMPS = configuration.MAXIMUM_ADDRESS_LOGIN_ATTEMPS;
            managerActivated = configuration.activated;
        }
    }
    
    public InteropResponse getBlockedUsers(InteropParameters parameters) throws SerializationException
    {
        try
        {
            List<UserIdentification> lblockedUsers = 
                    LoginBlockedRepository.getUserIdentifications().stream()
                    .filter(user -> user.attempts >= MAXIMUM_USER_LOGIN_ATTEMPS)
                    .map(user -> new UserIdentification(user.group, user.username, user.name, user.attempts))
                    .collect(Collectors.toList());
            return new InteropResponse(lblockedUsers.toArray(new UserIdentification[0]));
        } catch (Exception e)
        {
            throw new SerializationException(Shared.getMessage("error getting the list of blocked users"));
        }
    }
    
    public InteropResponse getBlockedIPAddresses(InteropParameters parameters) throws SerializationException
    {
        try
        {
            List<AddressLogin> lblockedAddressLogin = 
                    LoginBlockedRepository.getAddressLogins().stream()
                    .filter(address -> address.attempts >= MAXIMUM_ADDRESS_LOGIN_ATTEMPS)
                    .map(address -> new AddressLogin(address.loginAddress,address.attempts, address.timestamp))
                    .collect(Collectors.toList());
            return new InteropResponse(lblockedAddressLogin.toArray(new AddressLogin[0]));
        } catch (Exception e)
        {
            throw new SerializationException(Shared.getMessage("error getting the list of blocked IP addresses"));
        }
    }
        
    public InteropResponse unlockUsers(String[] lusernames) throws SerializationException
    {
        try
        {
            Arrays.stream(lusernames).forEach(name ->
            {
                try
                {
                    LoginBlockedRepository.removeUserIdentification(Licence.encrypt(name));
                } catch (Exception ex)
                {
                    throw new RuntimeException("error when enabling " + name + " username");
                }
            });
            return new InteropResponse(new Boolean(true));
        } catch (Exception e)
        {
            throw new SerializationException(Shared.getMessage("error when enabling users"));
        }
    }

    public InteropResponse unlockIPAddress(String[] lipAddress) throws SerializationException
    {
        try
        {
            Arrays.stream(lipAddress).forEach(ipAddress ->
            {
                try
                {
                    LoginBlockedRepository.removeAddress(ipAddress);
                } catch (Exception ex)
                {
                    throw new RuntimeException("error when enabling " + ipAddress + " address");
                }
            });
            return new InteropResponse(new Boolean(true));
        } catch (Exception e)
        {
            throw new SerializationException(Shared.getMessage("error when enabling IP addresses"));
        }
    }
    
    public void addFailedLoginAttempt(UserIdentification[] lusersIdentification, String loginAddress, long timestamp) throws Exception
    {
        if(!managerActivated) return;
        if ((lusersIdentification == null) || lusersIdentification[0] == null) throw new Exception("error empty users list");
        
        Arrays.stream(lusersIdentification).forEach(u ->
        {
            try
            {
                UserIdentification userIdentification = LoginBlockedRepository.getUserIdentification(u.username);
                if (userIdentification == null) userIdentification = u;
                userIdentification.name = Licence.decrypt(userIdentification.username);
                userIdentification.timestampEnd = timestamp;
                if (userIdentification.attempts < Integer.MAX_VALUE) userIdentification.attempts++;
                userIdentification.console = loginAddress;
                LoginBlockedRepository.setUserIdentification(userIdentification);
                if ((userIdentification.attempts >= MAXIMUM_USER_LOGIN_ATTEMPS) || (isAddressLoginBlocked(loginAddress)))
                    addFailedLoginAddressAttempt(loginAddress, timestamp, userIdentification.name);
                
                if (isUserBlocked(u.username) && userIdentification.attempts == MAXIMUM_USER_LOGIN_ATTEMPS)
                    mailSender.sendMailToAll(BlockingNotificationGenerator.generateUserBlockedMessage(userIdentification));
            } catch (Exception ex)
            {
                Logger.getLogger(LoginBlockedManager.class.getName()).log(Level.SEVERE, null, ex);
            }
        });
    }
    
    public void addCorrectLoginAttempt(UserIdentification[] lusersIdentification, String loginAddress, long timestamp) throws Exception
    {
        if(!managerActivated) return;
        if ((lusersIdentification == null) || lusersIdentification[0] == null) throw new Exception("error empty users list");
        
        Arrays.stream(lusersIdentification).forEach(u ->
        {
            try
            {
                UserIdentification userIdentification = LoginBlockedRepository.getUserIdentification(u.username);
                if (userIdentification == null) userIdentification = u;
                userIdentification.name = Licence.decrypt(userIdentification.username);
                userIdentification.timestampEnd = timestamp;
                userIdentification.attempts = 0;
                userIdentification.console = loginAddress;
                LoginBlockedRepository.removeUserIdentification(userIdentification.username);
                addCorrectLoginAddressAttempt(loginAddress, timestamp, userIdentification.name);
            } catch (Exception ex)
            {
                Logger.getLogger(LoginBlockedManager.class.getName()).log(Level.SEVERE, null, ex);
            }
        });
    }
    
    private void addFailedLoginAddressAttempt(String loginAddress, long timestamp, String notEncryptedUsername)
    {
        try
        {   
            AddressLogin addresssLogin = LoginBlockedRepository.getAddressLogin(loginAddress);
            if (addresssLogin == null) addresssLogin = new AddressLogin();
            addresssLogin.loginAddress = loginAddress;
            addresssLogin.timestamp = timestamp;
            if (addresssLogin.attempts < Integer.MAX_VALUE) addresssLogin.attempts++;
            LoginBlockedRepository.setAddressLogin(addresssLogin);
            
            if (isAddressLoginBlocked(loginAddress) && addresssLogin.attempts == MAXIMUM_ADDRESS_LOGIN_ATTEMPS)
                mailSender.sendMailToAll(BlockingNotificationGenerator.generateAddressBlockedMessage(addresssLogin, notEncryptedUsername));
        } catch (Exception e)
        {
            e.printStackTrace();
        }
    }
    
    private void addCorrectLoginAddressAttempt(String loginAddress, long timestamp, String notEncryptedUsername)
    {
        try
        {   
            AddressLogin addresssLogin = LoginBlockedRepository.getAddressLogin(loginAddress);
            if (addresssLogin == null) addresssLogin = new AddressLogin();
            addresssLogin.loginAddress = loginAddress;
            addresssLogin.timestamp = timestamp;
            addresssLogin.attempts = 0;
            LoginBlockedRepository.removeAddress(addresssLogin.loginAddress);
        } catch (Exception e)
        {
            e.printStackTrace();
        }
    }
    
    public boolean isAddressLoginBlocked(String loginAddress) throws Exception
    {
        if (!managerActivated) return false;
        
        AddressLogin addressLogin = LoginBlockedRepository.getAddressLogin(loginAddress);
        if ((addressLogin == null) || (addressLogin.attempts < MAXIMUM_ADDRESS_LOGIN_ATTEMPS))
        {
            return false;
        }
        return true;
    }
    
    public boolean isUserBlocked(String username) throws Exception
    {
        if (!managerActivated) return false;
        
        UserIdentification userIdentification = LoginBlockedRepository.getUserIdentification(username);
        if (userIdentification == null) return false;
        if (userIdentification.attempts < MAXIMUM_USER_LOGIN_ATTEMPS) return false;
        long dif = System.currentTimeMillis() - userIdentification.timestampEnd;
        if (dif > (MINUTES_UNLOCK_USER*60000L))
        {
            try
            {
                LoginBlockedRepository.removeUserIdentification(userIdentification.username);
            }
            catch (Exception ex)
            {

            }

            return(false);
        }

        return true;
    }
    
    /**
     * checkTimestampAttempts check if after the n minutes the counters have to be set to 0
     */
    public void checkTimestampAttempts()
    {
       long currentTimestamp = System.currentTimeMillis();
       checkTimestampAttempsUserIdentificaton(currentTimestamp);
       checkTimestampAttempsAddress(currentTimestamp);
    }
    
    private void checkTimestampAttempsUserIdentificaton(long currentTimestamp)
    {
        LoginBlockedRepository.getUserIdentifications().stream().forEach(user ->
        {
            if (user.attempts < MAXIMUM_USER_LOGIN_ATTEMPS)
            {
                long minutes = TimeUnit.MILLISECONDS.toMinutes(currentTimestamp - user.timestampEnd);
                if (minutes > MINUTES_UNLOCK_USER)
                {
                    try {
                        LoginBlockedRepository.removeUserIdentification(user.username);
                    } catch (Exception ex) {
                        Logger.getLogger(LoginBlockedManager.class.getName()).log(Level.SEVERE, null, ex);
                    }
                }
            }
        });
    }

    private void checkTimestampAttempsAddress(long currentTimestamp)
    {
        LoginBlockedRepository.getAddressLogins().stream().forEach(address ->
        {
            if (address.attempts < MAXIMUM_ADDRESS_LOGIN_ATTEMPS)
            {
                long minutes = TimeUnit.MILLISECONDS.toMinutes(currentTimestamp - address.timestamp);
                if (minutes > MINUTES_UNLOCK_ADDRESS)
                {
                    try {
                        LoginBlockedRepository.removeAddress(address.loginAddress);
                    } catch (Exception ex) {
                        Logger.getLogger(LoginBlockedManager.class.getName()).log(Level.SEVERE, null, ex);
                    }
                }
            }
        });
    }
}