package de.neitzel.roleplay.data;

import io.quarkus.elytron.security.common.BcryptUtil;
import io.quarkus.hibernate.orm.panache.PanacheEntityBase;
import io.quarkus.security.jpa.Password;
import io.quarkus.security.jpa.Roles;
import io.quarkus.security.jpa.UserDefinition;
import io.quarkus.security.jpa.Username;

import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.Id;
import jakarta.persistence.Table;

import java.util.UUID;

/**
 * JPA entity for an application user stored in {@code rp_user}.
 * Used by Quarkus Security JPA for form-based authentication (username/password, roles).
 */
@Entity
@Table(name = "rp_user")
@UserDefinition
public class UserEntity extends PanacheEntityBase {

    @Id
    @Column(name = "id", length = 36, nullable = false, updatable = false)
    private UUID id;

    @Username
    @Column(name = "username", nullable = false, unique = true, length = 255)
    private String username;

    @Password
    @Column(name = "password", nullable = false, length = 255)
    private String password;

    @Roles
    @Column(name = "role", nullable = false, length = 50)
    private String role;

    /**
     * Default constructor for JPA.
     */
    public UserEntity() {
    }

    /**
     * Returns the unique identifier of this user.
     */
    public UUID getId() {
        return id;
    }

    /**
     * Sets the unique identifier of this user.
     */
    public void setId(final UUID id) {
        this.id = id;
    }

    /**
     * Returns the login name of this user.
     */
    public String getUsername() {
        return username;
    }

    /**
     * Sets the login name of this user.
     */
    public void setUsername(final String username) {
        this.username = username;
    }

    /**
     * Returns the bcrypt-hashed password of this user.
     */
    public String getPassword() {
        return password;
    }

    /**
     * Sets the password (should be bcrypt-hashed, e.g. via {@link BcryptUtil#bcryptHash(String)}).
     */
    public void setPassword(final String password) {
        this.password = password;
    }

    /**
     * Returns the single role of this user (e.g. {@code admin} or {@code user}).
     */
    public String getRole() {
        return role;
    }

    /**
     * Sets the role of this user.
     */
    public void setRole(final String role) {
        this.role = role;
    }

    /**
     * Creates a new user with the given username, plain password (hashed with bcrypt), and role.
     *
     * @param username login name
     * @param plainPassword plain-text password (will be hashed)
     * @param role role name (e.g. admin, user)
     * @return the persisted entity
     */
    public static UserEntity add(final String username, final String plainPassword, final String role) {
        final UserEntity user = new UserEntity();
        user.setId(UUID.randomUUID());
        user.setUsername(username);
        user.setPassword(BcryptUtil.bcryptHash(plainPassword));
        user.setRole(role);
        user.persist();
        return user;
    }
}