module Composable
  module Pwdless
    class AuthController < BaseController
      def new
        @form = Form::Authentication.new
      end

      def create
        @form = Form::Authentication.call(authentication_params)

        if @form.success?
          deliver_authentication(@form)
          @form = @form.result
          block_given? ? yield(@form) : render(:edit)
        else
          render :new, status: :unprocessable_entity
        end
      end

      def update
        @form = Form::Verification.call(verification_params)

        if @form.success?
          verification_succeeded @form.data
        elsif @form.has_expired?
          verification_expired @form
        elsif @form.has_exceeded_attempts?
          verification_exceeded_attempts @form
        elsif @form.invalid_code?
          render :edit, status: :unprocessable_entity
        else
          verification_failed @form
        end
      end

      private

      # Override with your own logic to deliver a code to the user.
      def deliver_authentication(authentication)
        Pwdless::Mailer.with(authentication: authentication).notification_email.deliver
      end

      # Override with your own logic to do something with the valid data. For
      # example, you might setup the current user session here via:
      #
      # ```
      # def verification_succeeded(email)
      #   session[:user_id] = User.find_or_create_by(email: email)
      #   redirect_to dashboard_url
      # end
      # ```
      def verification_succeeded(email)
        redirect_to root_url
      end

      # Override with your own logic to do something when verification fails.
      def verification_failed(verification)
        redirect_to root_url
      end

      # Override with logic for when verification attempts are exceeded. For
      # example, you might want to tweak the flash message that's displayed
      # or redirect them to a page other than the one where they'd re-verify.
      def verification_exceeded_attempts(verification)
        flash[:composable_pwdless] =  Pwdless.t(:attempts_exceeded, scope: "errors.messages")
        redirect_to url_for(action: :new)
      end

      # Override with logic for when verification has expired. For
      # example, you might want to tweak the flash message that's displayed
      # or redirect them to a page other than the one where they'd re-verify.
      def verification_expired(verification)
        flash[:composable_pwdless] =  Pwdless.t(:expired, scope: "errors.messages")
        redirect_to url_for(action: :new)
      end

      def verification_params
        params.require(:composable_pwdless).permit(:code, :salt, :data)
      end

      def authentication_params
        params.require(:composable_pwdless).permit(:email)
      end
    end
  end
end