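/*
 * @author gs
 * @date 2020/07/30 15:07
 * @modified-user songxiwen
 * @modified-date 2020/08/06 17:24
 * @modified-description perf canActivate
 */
import { CanActivate, ExecutionContext, Inject, Injectable } from '@nestjs/common';
import { AuthService, UserService } from '../../module';
import { RequestWhitelist } from '../../constant/request.whitelist';
import { ServerError } from '../error/server.error';

/** Number of days a token stays valid after its most recent successful use. */
const TOKEN_LIFETIME_DAYS = 30;

/**
 * Route guard that authenticates a request from its `token` header.
 *
 * URLs accepted by `RequestWhitelist` skip authentication entirely. Every
 * other request must carry a stored, unexpired token that belongs to a user
 * who exists and is not flagged `isForbidden`.
 *
 * Expiry is sliding: each successful check moves the token's expiration to
 * TOKEN_LIFETIME_DAYS from now and saves it, so a token in regular use never
 * expires on its own and every authenticated request costs one write.
 */
@Injectable()
export class AuthGuard implements CanActivate {
  constructor(
    @Inject('AuthService') private readonly authService: AuthService,
    @Inject('UserService') private readonly userService: UserService
  ) {}

  /**
   * Decides whether the current HTTP request may proceed.
   *
   * @param context Nest execution context; only its HTTP request is used.
   * @returns `true` for whitelisted URLs and for successfully authenticated requests.
   * @throws ServerError.code.AuthTokenNotExists when no `token` header is present.
   * @throws ServerError.code.AuthException when the token is malformed, unknown
   *   or expired, or when its user is missing or forbidden.
   */
  async canActivate(context: ExecutionContext): Promise<boolean> {
    const request = context.switchToHttp().getRequest();

    // NOTE(review): the raw request.url (which may carry a query string) is what
    // gets matched. Whether that can be abused depends on how
    // RequestWhitelist.contains compares (exact vs. prefix/substring) — confirm
    // that it is an exact, normalised path match.
    if (RequestWhitelist.contains(request.url)) {
      return true;
    }

    const { token } = request.headers;
    if (!token) {
      throw ServerError.code.AuthTokenNotExists;
    }
    // The value goes straight into a database filter, so accept nothing but a
    // plain string. A non-string could never satisfy the strict equality check
    // below anyway; rejecting it here just avoids handing it to the query layer.
    if (typeof token !== 'string') {
      throw ServerError.code.AuthException;
    }

    // NOTE(review): tokens are looked up by their raw value, which suggests they
    // are stored unhashed — confirm against the token schema and consider
    // storing a digest instead.
    const tokenModel = await this.authService.findOne({ value: token });

    // Re-checking the value after the lookup keeps the guard fail-closed if the
    // filter ever matches more loosely than exact equality. The comparison is
    // kept in its positive form so an invalid expiration date (NaN) is rejected.
    const isLive =
      tokenModel &&
      tokenModel.value === token &&
      tokenModel.expiration &&
      Date.now() < tokenModel.expiration.getTime();
    if (!isLive) {
      throw ServerError.code.AuthException;
    }

    const user = await this.userService.findOne({ _id: tokenModel.userId });
    const isBlocked =
      !user ||
      (Object.prototype.hasOwnProperty.call(user.toObject(), 'isForbidden') && user.isForbidden);
    if (isBlocked) {
      throw ServerError.code.AuthException;
    }

    // Sliding expiry: push the expiration TOKEN_LIFETIME_DAYS ahead of today.
    const today = new Date();
    const expirationDate = new Date(today);
    expirationDate.setDate(today.getDate() + TOKEN_LIFETIME_DAYS);
    tokenModel.expiration = expirationDate;
    await tokenModel.save();

    // Pass the authenticated user id on to whatever reads this key later.
    // Node's HTTP parser lower-cases incoming header names, so a client-sent
    // header should not be able to populate this camelCase key; it is only ever
    // set here. NOTE(review): confirm for the HTTP adapter/proxy in use, and
    // note that whitelisted requests leave it unset.
    request.headers.towifyUserId = tokenModel.userId;
    return true;
  }
}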