package web

import (
	"net/http"
	"net/http/httptest"
	"strings"
	"testing"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

// NOTE(review): the auth tests in this file pin the accept paths (valid Basic
// credentials, valid Bearer token) and one reject path (no credentials at
// all). Nothing visible here pins the response to a wrong password, a wrong
// token or a malformed Authorization header, and the static-asset test runs
// with an empty Config, so whether /static/ sits behind the auth layer is not
// established by these tests.

// TestOverview_Returns200WithKeyHunter checks that GET / on a server built
// from an empty Config answers 200 and that the body mentions "KeyHunter".
func TestOverview_Returns200WithKeyHunter(t *testing.T) {
	server, err := NewServer(Config{})
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	request := httptest.NewRequest(http.MethodGet, "/", nil)
	handler := server.Router()
	handler.ServeHTTP(recorder, request)

	assert.Equal(t, http.StatusOK, recorder.Code)
	page := recorder.Body.String()
	assert.Contains(t, page, "KeyHunter")
}

// TestStaticAsset_HtmxJS checks that the htmx bundle is served at
// /static/htmx.min.js with status 200 and a body containing "htmx".
func TestStaticAsset_HtmxJS(t *testing.T) {
	const assetPath = "/static/htmx.min.js"

	server, err := NewServer(Config{})
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	request := httptest.NewRequest(http.MethodGet, assetPath, nil)
	handler := server.Router()
	handler.ServeHTTP(recorder, request)

	assert.Equal(t, http.StatusOK, recorder.Code)
	script := recorder.Body.String()
	assert.Contains(t, script, "htmx")
}

// TestAuth_Returns401_WhenConfiguredButNoCreds checks that, once AuthUser and
// AuthPass are set, a request carrying no Authorization header is answered
// with 401 and a WWW-Authenticate challenge that names the Basic scheme.
func TestAuth_Returns401_WhenConfiguredButNoCreds(t *testing.T) {
	cfg := Config{
		AuthUser: "admin",
		AuthPass: "secret",
	}
	server, err := NewServer(cfg)
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	// Deliberately no credentials on this request.
	request := httptest.NewRequest(http.MethodGet, "/", nil)
	handler := server.Router()
	handler.ServeHTTP(recorder, request)

	assert.Equal(t, http.StatusUnauthorized, recorder.Code)
	challenge := recorder.Header().Get("WWW-Authenticate")
	assert.Contains(t, challenge, "Basic")
}

// TestAuth_BasicAuth_Returns200 checks that a request presenting the
// configured Basic credentials reaches the overview page (200, "KeyHunter").
func TestAuth_BasicAuth_Returns200(t *testing.T) {
	const (
		user = "admin"
		pass = "secret"
	)

	server, err := NewServer(Config{AuthUser: user, AuthPass: pass})
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	request := httptest.NewRequest(http.MethodGet, "/", nil)
	request.SetBasicAuth(user, pass)
	handler := server.Router()
	handler.ServeHTTP(recorder, request)

	assert.Equal(t, http.StatusOK, recorder.Code)
	page := recorder.Body.String()
	assert.Contains(t, page, "KeyHunter")
}

// TestAuth_BearerToken_Returns200 checks that, with only AuthToken configured,
// a request presenting that token as a Bearer credential reaches the overview
// page (200, "KeyHunter").
func TestAuth_BearerToken_Returns200(t *testing.T) {
	const token = "my-secret-token"

	server, err := NewServer(Config{AuthToken: token})
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	request := httptest.NewRequest(http.MethodGet, "/", nil)
	request.Header.Set("Authorization", "Bearer "+token)
	handler := server.Router()
	handler.ServeHTTP(recorder, request)

	assert.Equal(t, http.StatusOK, recorder.Code)
	page := recorder.Body.String()
	assert.Contains(t, page, "KeyHunter")
}

// TestAuth_NoAuthConfigured_PassesThrough checks that a server built from an
// empty Config serves GET / with status 200 to a request without credentials.
//
// NOTE(review): this pins "no auth fields set" as "no authentication
// required"; whether NewServer warns about or restricts that mode is not
// visible from this file — confirm against NewServer.
func TestAuth_NoAuthConfigured_PassesThrough(t *testing.T) {
	server, err := NewServer(Config{})
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	request := httptest.NewRequest(http.MethodGet, "/", nil)
	handler := server.Router()
	handler.ServeHTTP(recorder, request)

	assert.Equal(t, http.StatusOK, recorder.Code)
}

// TestOverview_ShowsStats checks that the overview page rendered from an
// empty Config contains the three stat-card labels. The response status is
// not asserted here.
func TestOverview_ShowsStats(t *testing.T) {
	server, err := NewServer(Config{})
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	request := httptest.NewRequest(http.MethodGet, "/", nil)
	handler := server.Router()
	handler.ServeHTTP(recorder, request)

	page := recorder.Body.String()

	// The stat cards are expected to render even without a database
	// (showing zero values in that case).
	cards := []struct {
		label   string
		failure string
	}{
		{"Total Keys Found", "should show Total Keys stat card"},
		{"Providers Loaded", "should show Providers stat card"},
		{"Recon Sources", "should show Recon Sources stat card"},
	}
	for _, card := range cards {
		assert.True(t, strings.Contains(page, card.label), card.failure)
	}
}