'use strict';

//
// WARNING: Not for noobs
// Try the simple example first
//

//
// This demo is used with tunnel-server.js and tunnel-client.js
//

var email = 'john.doe@gmail.com';
var domains = ['example.com'];
var agreeLeTos = true;
//var secret = "My Little Brony";
var secret = require('crypto').randomBytes(16).toString('hex');

require('../').create({
  version: 'draft-11'

    ,
  server: 'https://acme-v02.api.letsencrypt.org/directory'
    // Note: If at first you don't succeed, stop and switch to staging
    // https://acme-staging-v02.api.letsencrypt.org/directory

    ,
  email: email,
  agreeTos: agreeLeTos,
  approveDomains: domains,
  configDir: '~/.config/acme/',
  app: remoteAccess(secret)
    // Get notified of important updates and help me make greenlock better
    ,
  communityMember: true
  //, debug: true
}).listen(3000, 8443);


function remoteAccess(secret) {
  var express = require('express');
  var basicAuth = require('express-basic-auth');
  var serveIndex = require('serve-index');

  var rootIndex = serveIndex('/', {
    hidden: true,
    icons: true,
    view: 'details'
  });
  var rootFs = express.static('/', {
    dotfiles: 'allow',
    redirect: true,
    index: false
  });

  var userIndex = serveIndex(require('os').homedir(), {
    hidden: true,
    icons: true,
    view: 'details'
  });
  var userFs = express.static(require('os').homedir(), {
    dotfiles: 'allow',
    redirect: true,
    index: false
  });

  var app = express();
  var realm = 'Login Required';

  var myAuth = basicAuth({
    users: {
      'root': secret,
      'user': secret
    },
    challenge: true,
    realm: realm,
    unauthorizedResponse: function ( /*req*/ ) {
      return 'Unauthorized <a href="/">Home</a>';
    }
  });

  app.get('/', function (req, res) {
    res.setHeader('Content-Type', 'text/html; charset=utf-8');
    res.end(
      '<a href="/browse/">View Files</a>' +
      '&nbsp; | &nbsp;' +
      '<a href="/logout/">Logout</a>'
    );
  });
  app.use('/logout', function (req, res) {
    res.setHeader('Content-Type', 'text/html; charset=utf-8');
    res.setHeader('WWW-Authenticate', 'Basic realm="' + realm + '"');
    res.statusCode = 401;
    //res.setHeader('Location', '/');
    res.end('Logged out &nbsp; | &nbsp; <a href="/">Home</a>');
  });
  app.use('/browse', myAuth);
  app.use('/browse', function (req, res, next) {
    if ('root' === req.auth.user) {
      rootFs(req, res, function () {
        rootIndex(req, res, next);
      });
      return;
    }
    if ('user' === req.auth.user) {
      userFs(req, res, function () {
        userIndex(req, res, next);
      });
      return;
    }
    res.end('Sad Panda');
  });

  console.log('');
  console.log('');
  console.log('Usernames are\n');
  console.log('\troot');
  console.log('\tuser');
  console.log('');
  console.log('Password (for both) is\n');
  console.log('\t' + secret);
  console.log('');
  console.log("Shhhh... It's a secret to everybody!");
  console.log('');
  console.log('');

  return app;
}