(in-package #:vampire)

(wknd:defendpoint login.html
  :get :route "login"
  :returns "text/html"
  :handle (login-page))

(wknd:defendpoint login-user
  :post :route "login"
  :parameters
  (name string)
  (password string)
  :properties
  (user user)
  :authenticate (authenticate-login-user name password)
  :handle (wknd:endpoint-redirect 'home.html))

(defun authenticate-login-user (name password)
  (do>
    found-user :when= (user-with-name name)
    :when (equal (user-pwhash found-user)
		 (hash-string password (user-pwsalt found-user)))
    session := (db:with-transaction () (make-instance 'session :user found-user))
    (wknd:set-cookie +session-cookie+ :value (key session))))

(wknd:defendpoint new-account.html
  :get :route "new-account"
  :returns "text/html"
  :handle (new-account-page))

(wknd:defendpoint create-new-account
  :post :to "new-account"
  :parameters
  (username string)
  (password string)
  (password2 string)
  (invite-code string)
  :properties
  (invite invite)
  :authenticate (and
		 (equal password password2)
		 (setf invite (object-with-key invite-code)))
  :authorize (invite-validp invite)
  :handle (progn
	    (db:with-transaction ()
	      (when (uses-remaining invite)
		(decf (uses-remaining invite))
		(when (zerop (uses-remaining invite))
		  (db:delete-object invite)))
	      (let ((user (make-instance 'user :name username)))
		(setf (user-pwhash user) (hash-string password (user-pwsalt user)))))
	    (wknd:endpoint-redirect 'login.html)))

(defun login-page ()
  (page (:title "V A M P I R E ~ LOGIN")
    (:div (:h1 "I vant to suck your blood")
          (:form :method "POST" :action "/login"
                 (:input :placeholder "Name" :name "name")
                 (:br)
                 (:input :placeholder "Password" :type "password" :name "password")
                 (:br)
                 (:button :type "submit" "Click to Login")))))

(defun new-account-page ()
  (page (:title "V A M P I R E ~ JOIN")
    (:form :method "POST" :action "/new-account"
           (:input :placeholder "Invite Code" :name "invite-code")(:br)
           (:input :placeholder "Username" :name "username")(:br)
           (:input :placeholder "Password" :name "password" :type "password")(:br)
           (:input :placeholder "Repeat Password" :name "password2" :type "password")(:br)
           (:button :type "submit" "Become Undead"))))