package main

import (
	"net/http"
	"html/template"
	"log"
	"fmt"
	"embed"
	"io"
	"os"
	"path"
	"path/filepath"
	"flag"
	"bufio"

	"github.com/google/uuid"
)

//go:embed templates
var tmplFS embed.FS

//go:embed favicon.ico
var favicon []byte


type BoxHandler struct {
	filesPath string
	token string
	deleteEnabled bool
}

func serve(w http.ResponseWriter, token string, views ...string) {
	t, err := template.New("index.html").ParseFS(tmplFS, views...)
	if err != nil {
		log.Fatal(err)
	}
	if err := t.Execute(w, token); err != nil {
		log.Fatal(err)
	}
}

func (handler BoxHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	switch r.Method {
	case http.MethodGet:
		if r.URL.Path == "/favicon.ico" {
			w.Write(favicon)
			return
		}
		if r.URL.Path == "/" {
			serve(w, handler.token, "templates/index.html")
		} else {
			resourceId := path.Base(r.URL.Path)
			http.ServeFile(w, r, filepath.Join(handler.filesPath, resourceId))
		}
		return
	case http.MethodDelete:
		if !handler.deleteEnabled {
			w.WriteHeader(http.StatusForbidden)
			return
		}
		token := r.Header.Get("X-Token")
		if token != handler.token {
			log.Println("unauthorized")
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		resourceId := path.Base(r.URL.Path)
		filename := filepath.Join(handler.filesPath, resourceId)
		err := os.Remove(filename)
		if err != nil {
			log.Println(err)
			w.WriteHeader(http.StatusBadRequest)
			fmt.Fprint(w, err.Error())
			return
		}
		log.Printf("Deleted %s", filename)
		w.WriteHeader(http.StatusNoContent)
	case http.MethodPost:
		if r.URL.Path != "/upload" {
			w.WriteHeader(http.StatusBadRequest)
			return
		}
		token := r.Header.Get("X-Token")
		if token != handler.token {
			log.Println("unauthorized")
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		ext := r.Header.Get("X-ResourceMeta-Extension")
		u, err := uuid.NewRandom()
		if err != nil {
			log.Println(err)
			fmt.Fprint(w, err.Error())
			w.WriteHeader(http.StatusInternalServerError)
			return
		}
		filename := filepath.Join(handler.filesPath, u.String()) + ext
		log.Printf("Boxing %s...\n", filename)
		f, err := os.Create(filename)
		if err != nil {
			log.Println(err)
			w.WriteHeader(http.StatusInternalServerError)
			fmt.Fprint(w, err.Error())
			return
		}
		defer r.Body.Close()
		io.Copy(f, r.Body)
		w.Header().Add("X-Resource-ID", filepath.Base(filename))

		log.Printf("Boxed %s\n", filename)
	default:
		w.WriteHeader(http.StatusMethodNotAllowed)
	}
}

func main() {
	host := flag.String("n", "", "The hostname to listen on")
	port := flag.Int("p", 8080, "The port to listen on")
	isToken := flag.Bool("t", false, "Use a token to protect uploads/deletes")
	filesPath := flag.String("d", "", "The path to the files")
	deleteEnabled := flag.Bool("D", false, "Enable deleting resources")
	flag.Parse()

	token := ""
	if *isToken {
		token = os.Getenv("BOX_TOKEN")
		if token == "" {
			fmt.Print("Token: ")
			sc := bufio.NewScanner(os.Stdin)
			sc.Scan()
			token = sc.Text()
		}
	}

	boxHandler := BoxHandler {
		*filesPath,
		token,
		*deleteEnabled,
	}
	if boxHandler.filesPath != "" {
		err := os.MkdirAll(boxHandler.filesPath, 0750)
		if err != nil {
			log.Fatal(err)
		}
	}
	log.Printf("Listening on %s:%d", *host, *port)
	log.Fatal(http.ListenAndServe(fmt.Sprintf("%s:%d", *host, *port), boxHandler))
}