/*
  User.ino

  This is a new module handling user systems on ESP8266

*/

//Create new user, creator must be admin
void HandleNewUser(AsyncWebServerRequest *r) {
  if (!IsAdmin(r)) {
    SendErrorResp(r, "this function require admin permission");
    return;
  }
  String username = GetPara(r, "username");
  String password = GetPara(r, "password");
  username.trim();
  password.trim();

  //Check if the inputs are valid
  if (username == "" || password == "") {
    SendErrorResp(r, "username or password is an empty string");
    return;
  } else if (password.length() < 8) {
    SendErrorResp(r, "password must contain at least 8 characters");
    return;
  }

  //Check if the user already exists
  if (DBKeyExists("user", username)) {
    SendErrorResp(r, "user with name: " + username + " already exists");
    return;
  }

  //OK create the user
  bool succ = DBWrite("user", username, sha1(password));
  if (!succ) {
    SendErrorResp(r, "write new user to database failed");
    return;
  }
  r->send(200, "application/json", "\"OK\"");
}

//Remove the given username from the system
void HandleRemoveUser(AsyncWebServerRequest *r) {
  if (!IsAdmin(r)) {
    SendErrorResp(r, "this function require admin permission");
    return;
  }

  String username = GetPara(r, "username");
  username.trim();

  //Check if the user exists
  if (!DBKeyExists("user", username)) {
    SendErrorResp(r, "user with name: " + username + " not exists");
    return;
  }

  //Okey, remove the user
  bool succ = DBRemove("user", username);
  if (!succ) {
    SendErrorResp(r, "remove user from system failed");
    return;
  }
  r->send(200, "application/json", "\"OK\"");
}

//Admin or the user themselve change password for the account
void HandleUserChangePassword(AsyncWebServerRequest *r) {
  
}