package zsshrpc_server

import (
	"errors"
	"golang.org/x/crypto/bcrypt"
	"golang.org/x/crypto/ssh"
)

type SimplePasswordMgr struct {
	authlist map[string][]byte
}

func NewSimplePasswordMgr() *SimplePasswordMgr {
	o := &SimplePasswordMgr{
		authlist: make(map[string][]byte),
	}
	return o
}

func (this *SimplePasswordMgr) AddUserWithBytesPassword(username string, password []byte) error {
	p, err := bcrypt.GenerateFromPassword(password, 10)
	if err != nil {
		return err
	}
	this.authlist[username] = p
	return nil
}

func (this *SimplePasswordMgr) AddUserWithStringPassword(username string, password string) error {
	return this.AddUserWithBytesPassword(username, []byte(password))
}

func (this *SimplePasswordMgr) AddUserWithBcryptPassword(username string, password []byte) {
	this.authlist[username] = password
}

func (this *SimplePasswordMgr) PasswordCheckCallback(conn ssh.ConnMetadata, password []byte) (*ssh.Permissions, error) {
	v, ok := this.authlist[conn.User()]
	if !ok {
		return nil, errors.New("auth failed with incorrected password")
	}
	err := bcrypt.CompareHashAndPassword(v, password)
	if err != nil {
		return nil, errors.New("auth failed with incorrected password")
	}
	return nil, nil
}