# frozen_string_literal: true

module Maquina
  class User < ApplicationRecord
    include Maquina::RetainPasswords
    include Maquina::AuthenticateBy
    include Maquina::Blockeable
    include Maquina::Multifactor

    PASSWORD_COMPLEXITY_REGEX = /\A(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&#-=+])[A-Za-z\d@$!%*?&#-=+]{8,}\z/
    has_secure_password

    has_many :memberships, class_name: "Maquina::Membership", foreign_key: :maquina_user_id, inverse_of: :user

    validates :email, presence: true, uniqueness: true, format: {with: URI::MailTo::EMAIL_REGEXP}
    validates :password, format: {with: PASSWORD_COMPLEXITY_REGEX}, unless: ->(user) { user.password.blank? }

    before_save :downcase_email

    def expired_password?
      return false if password_expires_at.blank?

      password_expires_at < Time.zone.now
    end

    def default_membership
      return nil if management?

      memberships.detect { |membership| membership.blocked_at.blank? && membership.organization.present? && membership.organization.active? }
    end

    private

    def downcase_email
      self.email = email.downcase
    end
  end
end