from django.contrib.auth.decorators import login_required
from apps.changepw.models import ChangePasswordForm
from django.http import HttpResponse
from django.shortcuts import render
import random
import nordunet_change_password as pw


def _change_password(pwtype, user, new_password):
    '''
    Use this to call your change password function.
    '''
    if pwtype == 'sso':
        ret = pw.change_nordunet_sso_pw(user, new_password)
    elif pwtype == 'ppp':
        ret = pw.change_nordunet_ppp_pw(user, new_password)
    elif pwtype == 'net':
        ret = pw.change_nordunet_net_pw(user, new_password)
    elif pwtype == 'vpn':
        ret = pw.change_nordunet_vpn_pw(user, new_password)
    else:
        ret = 'Could not change that password type.'
    return ret


def _change_other(request, *args):
    '''
    Use this to call your change function.
    '''
    user = request.user
    ssh_key = request.POST.get('ssh_key', None)
    if ssh_key:
        ret = pw.set_public_ssh_key(user, ssh_key)
    else:
        return 1
    return ret


def _get_username(request):
    '''
    Returns the actual username from the Shibboleth uid.
    request.user.username == username@domain.com
    '''
    return request.user.username.split('@')[0]


def _generate_password(n, z=3):
    '''
    Returns a psudo random string of lenght n in accordance to the NORDUnet
    security standard. z is the number of non-letters to include.
    '''
    letters = 'abcdefghijklmnopqrstuvwxyz'
    others = '1234567890!#%&?+*-_.<>'
    pw = []
    for i in range(0, n//2):
        pw.append(random.choice(letters))
        pw.append(random.choice(letters.upper()))
    random.shuffle(pw)
    pw = pw[:n]
    for i in random.sample(range(0, n-1), z):
        pw[i] = random.choice(others)
    return ''.join(pw)


@login_required()
def index(request):
    '''
    Greets the user and presents the choices available.
    '''
    username = _get_username(request)
    try:
        full_name = request.user.get_full_name()
    except AttributeError:
        full_name = username
    return render(request,
                  'changepw/index.html',
                  {'full_name': full_name, 'username': username})


@login_required()
def change_password(request, pwtype):
    '''
    If the user is authenticated and the form is valid the password
    changing script will be run with the username and new password.
    The function that changes the password has to be provided as func.
    '''
    username = _get_username(request)
    form = ChangePasswordForm(request.POST or None)
    return_value = -1
    if request.method == 'POST':
        if form.is_valid():
            new_password = form.cleaned_data['new_password']
            return_value = _change_password(pwtype, request.user, new_password)
            form = None
    return render(request,
                  'changepw/change_password.html',
                  {'form': form, 
                   'username': username,
                   'pwtype': pwtype,
                   'return_value': return_value})


@login_required()
def change_other(request, *args):
    '''
    Just passes along the request so that something can be done for that user.
    '''
    username = _get_username(request)
    return_value = None
    if request.method == 'POST':
        return_value = _change_other(request, *args)
    return render(request,
                  'changepw/change_other.html',
                  {'username': username, 'return_value': return_value})


@login_required()
def change_public_ssh_keys(request):
    """
    Lets the user remove or add public SSH keys.
    """
    if request.POST:
        ssh_key = request.POST.get('ssh_key', None)
        if ssh_key:
            ret = pw.set_public_ssh_key(request.user, ssh_key)
        else:
            ret = 'No SSH key to add.'
        ssh_keys = pw.get_public_ssh_keys(request.user)
        return render(request,
                      'changepw/change_public_ssh_key.html',
                      {'username': request.user.username,
                       'ssh_keys': ssh_keys,
                       'return_value': ret})
    else:
        ssh_keys = pw.get_public_ssh_keys(request.user)
        return render(request,
                      'changepw/change_public_ssh_key.html',
                      {'username': request.user.username,
                       'ssh_keys': ssh_keys,
                       'return_value': None})


@login_required()
def delete_public_ssh_key(request, key_number):
    """
    Delete a public SSH key.
    """
    ssh_keys = pw.get_public_ssh_keys(request.user)
    ret = pw.del_public_ssh_key(request.user, ssh_keys[int(key_number)])
    ssh_keys = pw.get_public_ssh_keys(request.user)
    return render(request, 
                  'changepw/change_public_ssh_key.html',
                  {
                      'username': request.user.username,
                      'ssh_keys': ssh_keys,
                      'return_value': ret})

def _create_ieduroam_conf(user):
    """
    Creates an xml config (http://www.apple.com/DTDs/PropertyList-1.0.dtd) for
    iPhone, iPod Touch or Ipad that can be set by surfing to the URL.

    Should ultimately returned with
    HttpResponse(conf, mimetype='application/x-apple-aspen-config')
    """
    try:
        f = open('/var/lib/django/sso/apps/changepw/eduroam.mobileconfig')
    except IOError:
        return 'Could not open boilerplate configuration.'
    uid = user.username.split('@')[0]
    s = ''.join(f.readlines())
    s = s.replace('nordu-user', '%s-pwman' % uid)
    conf = s.replace('eduroam-user', '%s/ppp' % uid)
    return conf


def ideviceconf(request):
    """
    HACK
    """
    user = request.user
    conf = _create_ieduroam_conf(user)
    return HttpResponse(conf, content_type='application/x-apple-aspen-config')