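module Arcadex
  # Token-based authentication helpers.
  #
  # Each authenticate_* method returns either nil (authentication failed) or a
  # Hash with the string keys "current_user" and "current_token".
  module Authentication
    # Entry point meant to be called by the host application.
    #
    # Reads the token and email via ::Arcadex::Header, authenticates with or
    # without the email depending on should_use_email, and on success records
    # usage metadata (IP addresses, use counter) on the token.
    #
    # params           - request parameters, passed through to ::Arcadex::Header
    # request          - request object; must respond to #remote_ip
    # should_use_email - truthy to require a matching email in addition to the token
    #
    # Returns the instance hash on success, nil otherwise.
    def self.full_authentication(params, request, should_use_email)
      auth_token = ::Arcadex::Header.grab_token(params, request)
      email = ::Arcadex::Header.grab_email(params, request)

      instance_hash =
        if should_use_email
          ::Arcadex::Authentication.authenticate_with_email_token(auth_token, email)
        else
          ::Arcadex::Authentication.authenticate_with_only_token(auth_token)
        end
      return nil if instance_hash.nil?

      token = instance_hash["current_token"]

      # The IP addresses are stored as usage metadata only; nothing in this
      # method uses them to accept or reject the request.
      token.first_ip_address = request.remote_ip if token.first_ip_address.nil?
      token.current_ip_address = request.remote_ip

      # NOTE(review): read-modify-write on the counter; concurrent requests
      # using the same token may lose increments.
      token.times_used = (token.times_used.nil? ? 0 : token.times_used) + 1

      # NOTE(review): the result of save is not checked, so a failed write of
      # the usage metadata does not fail authentication (kept as best effort).
      token.save

      instance_hash
    end

    # Authenticates with a token AND the email of the token's owner.
    # Intended for use in application_controller before all actions.
    #
    # auth_token - token value supplied by the client
    # email      - email supplied by the client
    #
    # Returns the instance hash when the record found by email has the same id
    # as the token's owner; nil otherwise. A nil or empty token or email is
    # rejected up front and never reaches the lookups.
    def self.authenticate_with_email_token(auth_token, email)
      # A missing credential must never authenticate. Without this guard a nil
      # value would be handed to the finders, and whether that can match a
      # stored record depends on code and data not visible here.
      return nil if blank_credential?(auth_token) || blank_credential?(email)

      # Find token from auth_token and owner from token.
      token = ::Arcadex::Find.find_token_by_auth_token(auth_token)
      owner = ::Arcadex::Find.find_owner_by_token(token)

      # This assumes that the owner of the token is indeed a user.
      user = nil
      unless token.nil?
        # NOTE(review): const_get resolves whatever constant name is stored in
        # token.imageable_type. The value comes from the token record, not the
        # request, but restricting it to an allowlist of the application's
        # owner models would keep a corrupted or tampered row from selecting
        # an arbitrary class.
        user = ::Object.const_get(token.imageable_type).find_by(email: email)
      end

      # NOTE(review): this compares auth_token with itself and discards the
      # result, so it has no effect on the outcome and does not make the
      # lookup above constant-time. A meaningful constant-time check would
      # compare the supplied value with the value stored on the token record
      # and use the result; the stored attribute is not visible here.
      ::Devise.secure_compare(auth_token, auth_token)

      return nil if owner.nil? || user.nil? || user.id != owner.id

      # These are the variables available to every controller that inherits.
      { "current_user" => owner, "current_token" => token }
    end

    # Authenticates with the token alone.
    # Intended for use in application_controller before all actions.
    #
    # auth_token - token value supplied by the client
    #
    # Returns the instance hash when an owner is found for the token; nil
    # otherwise. A nil or empty token is rejected before any lookup.
    def self.authenticate_with_only_token(auth_token)
      # A missing token must never authenticate (see authenticate_with_email_token).
      return nil if blank_credential?(auth_token)

      # Find token from auth_token and owner from token.
      token = ::Arcadex::Find.find_token_by_auth_token(auth_token)
      owner = ::Arcadex::Find.find_owner_by_token(token)

      # NOTE(review): self-comparison with a discarded result; it does not
      # mitigate timing differences in the lookup above. See the note in
      # authenticate_with_email_token.
      ::Devise.secure_compare(auth_token, auth_token)

      return nil if owner.nil?

      # These are the variables available to every controller that inherits.
      { "current_user" => owner, "current_token" => token }
    end

    # True when a client-supplied credential is nil or an empty string.
    def self.blank_credential?(value)
      value.nil? || value.to_s.empty?
    end
    private_class_method :blank_credential?
  end
end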