package handlers

import (
	"fmt"
	"log"
	"net/http"
)

func (a *App) handleActivateGet(w http.ResponseWriter, r *http.Request) {
	remoteUser := r.Header.Get("Remote-User")
	if remoteUser == "" {
		data := map[string]any{
			"AutheliaURL": a.cfg.AutheliaURL,
			"AppURL":      a.cfg.AppURL,
			"NeedLogin":   true,
		}
		a.tmpl.ExecuteTemplate(w, "activate.html", data)
		return
	}

	inGroup, _ := a.ldap.IsInGroup(remoteUser, "customers")
	if inGroup {
		http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
		return
	}

	data := map[string]any{
		"User":    remoteUser,
		"AppURL":  a.cfg.AppURL,
		"Ready":   true,
	}
	if err := a.tmpl.ExecuteTemplate(w, "activate.html", data); err != nil {
		log.Printf("template error: %v", err)
		http.Error(w, "internal error", http.StatusInternalServerError)
	}
}

func (a *App) handleActivatePost(w http.ResponseWriter, r *http.Request) {
	remoteUser := r.Header.Get("Remote-User")
	if remoteUser == "" {
		http.Error(w, "not authenticated", http.StatusUnauthorized)
		return
	}

	inGroup, _ := a.ldap.IsInGroup(remoteUser, "customers")
	if inGroup {
		http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
		return
	}

	if err := a.ldap.AddToGroup(remoteUser, "customers"); err != nil {
		log.Printf("activate: group add failed for %s: %v", remoteUser, err)
		http.Error(w, "activation failed, contact support", http.StatusInternalServerError)
		return
	}

	stackName := fmt.Sprintf("customer-%s", remoteUser)
	if err := a.swarm.DeployStack(stackName, remoteUser, a.cfg.TraefikDomain); err != nil {
		log.Printf("activate: stack deploy failed for %s: %v", remoteUser, err)
	}

	log.Printf("activated user %s: group=customers stack=%s", remoteUser, stackName)
	http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
}