class AuthD::Request
	IPC::JSON.message UpdatePassword, 7 do
		property login      : String
		property old_password : String
		property new_password : String

		def initialize(@login, @old_password, @new_password)
		end

		def handle(authd : AuthD::Service)
			user = authd.users_per_login.get? @login

			unless user
				return Response::Error.new "invalid credentials"
			end

			if authd.hash_password(@old_password) != user.password_hash
				return Response::Error.new "invalid credentials"
			end

			user.password_hash = authd.hash_password @new_password

			authd.users_per_uid.update user.uid.to_s, user

			Response::UserEdited.new user.uid
		end
	end
	AuthD.requests << UpdatePassword

	IPC::JSON.message PasswordRecovery, 11 do
		property user               : Int32 | String
		property password_renew_key : String
		property new_password       : String

		def initialize(@user, @password_renew_key, @new_password)
		end

		def handle(authd : AuthD::Service)
			uid_or_login = @user
			user = if uid_or_login.is_a? Int32
				authd.users_per_uid.get? uid_or_login.to_s
			else
				authd.users_per_login.get? uid_or_login
			end

			if user.nil?
				return Response::Error.new "user not found"
			end

			if user.password_renew_key == @password_renew_key
				user.password_hash = authd.hash_password @new_password
			else
				return Response::Error.new "renew key not valid"
			end

			user.password_renew_key = nil

			authd.users_per_uid.update user.uid.to_s, user

			Response::PasswordRecovered.new user.to_public
		end
	end
	AuthD.requests << PasswordRecovery

	IPC::JSON.message AskPasswordRecovery, 12 do
		property user       : Int32 | String
		property email      : String

		def initialize(@user, @email)
		end

		def handle(authd : AuthD::Service)
			uid_or_login = @user
			user = if uid_or_login.is_a? Int32
				authd.users_per_uid.get? uid_or_login.to_s
			else
				authd.users_per_login.get? uid_or_login
			end

			if user.nil?
				return Response::Error.new "no such user"
			end

			if user.contact.email != @email
				# Same error as when users are not found.
				return Response::Error.new "no such user"
			end

			user.password_renew_key = UUID.random.to_s

			authd.users_per_uid.update user.uid.to_s, user

			# Once the user is created and stored, we try to contact him
			if authd.configuration.print_password_recovery_parameters
				pp! user.login,
					user.contact.email.not_nil!,
					user.password_renew_key.not_nil!
			end

			mailer_exe = authd.configuration.mailer_exe
			template_name = authd.configuration.recovery_template

			u_login = user.login
			u_email = user.contact.email.not_nil!
			u_token = user.password_renew_key.not_nil!

			# Once the user is created and stored, we try to contact him.
			unless Process.run(mailer_exe,
					# PARAMETERS
					[ "send", template_name, u_email ],
					# ENV
					{ "LOGIN" => u_login, "TOKEN" => u_token },
					true # clear environment
				).success?
				raise "cannot contact user #{u_login} address #{u_email}"
			end

			Response::PasswordRecoverySent.new user.to_public
		end
	end
	AuthD.requests << AskPasswordRecovery
end