const functions = require("firebase-functions");
const admin = require("firebase-admin");
admin.initializeApp(functions.config().firebase);

//Todo: Move this to an environment parameter.
const GRAPHQL_ENDPOINT = functions.config().auth.graphql_endpoint;
const HASURA_SECRET_ADMIN_KEY = functions.config().auth.hasura_secret_admin_key;
const UPSERT_USER = `
mutation upsert_user($authEmail: String!, $authToken: String!) {
  insert_users(
    objects: [
      {
email:$authEmail,
        authid:$authToken
      }
    ],
    on_conflict: {
      constraint: users_pkey,
      update_columns: [authid]
    }
  ) {
    returning {
authid
    }
  }
}
`;

// On sign up.
exports.processSignUp = functions.auth.user().onCreate(user => {
  console.log(user);
  // Check if user meets role criteria:
  // Your custom logic here: to decide what roles and other `x-hasura-*` should the user get
  let customClaims;
  if (user.email && user.email.indexOf("@thinkimex.com") !== -1) {
    customClaims = {
      "https://hasura.io/jwt/claims": {
        "x-hasura-default-role": "admin",
        "x-hasura-allowed-roles": ["user", "admin"],
        "x-hasura-user-id": user.uid
      }
    };
  } else {
    customClaims = {
      "https://hasura.io/jwt/claims": {
        "x-hasura-default-role": "user",
        "x-hasura-allowed-roles": ["user"],
        "x-hasura-user-id": user.uid
      }
    };
  }

  //Removed for now - outbound connections are not free on firebase.
  // fetch(GRAPHQL_ENDPOINT, {
  //   method: "POST",
  //   headers: {
  //     "Content-Type": "application/json",
  //     Accept: "application/json",
  //     "x-hasura-admin-secret": HASURA_SECRET_ADMIN_KEY
  //   },
  //   body: JSON.stringify({
  //     query: UPSERT_USER,
  //     variables: { authEmail: user.email, authToken: user.uid }
  //   })
  // });

  // Set custom user claims on this newly created user.
  return admin
    .auth()
    .setCustomUserClaims(user.uid, customClaims)
    .then(() => {
      // Update real-time database to notify client to force refresh.
      const metadataRef = admin.database().ref("metadata/" + user.uid);
      // Set the refresh time to the current UTC timestamp.
      // This will be captured on the client to force a token refresh.
      return metadataRef.set({ refreshTime: new Date().getTime() });
    })
    .catch(error => {
      console.log(error);
    });
});