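require 'digest'

# JSON endpoints that authenticate a caller from a signed set of request
# parameters (expire, mid, secret, sid, sig) and expose/update the matching
# User record, looked up by params[:mid] via User.find_by_vkid.
class UserController < ApplicationController
  # Parameters that are concatenated (in this order) into the signed payload.
  SIGNED_FIELDS = [:expire, :mid, :secret, :sid].freeze

  # Verifies the request signature and returns the user's id and name,
  # creating the User row on first sight of this vkid.
  #
  # Response JSON:
  #   {status: 'hello', id:, username:}  on a valid signature
  #   {status: 'bad signature'}          when the signature does not match
  #   {status: 'bad params'}             when a required parameter is missing
  def auth
    @res = {}
    check = check_auth(params)

    # check_auth is tri-state (true / false / 'bad params'); compare against
    # the booleans explicitly because the 'bad params' string is truthy.
    if check == true
      @res[:status] = 'hello'
      user = User.find_by_vkid(params[:mid])
      if user.nil?
        user = User.new
        user.vkid = params[:mid]
        user.save
      end
      @res[:id] = user.id
      @res[:username] = user.name
    elsif check == false
      @res[:status] = 'bad signature'
    else
      @res[:status] = 'bad params'
    end

    render :json => @res
  end

  # Updates name and email of the authenticated user when both :username and
  # :email are supplied, then returns the current values.
  #
  # Renders an empty JSON object when the signature check fails or when no
  # User exists for params[:mid].
  def update
    @res = {}

    if check_auth(params) == true
      user = User.find_by_vkid(params[:mid])

      # A valid signature does not guarantee a local record: #auth may never
      # have been called for this vkid. Without this guard the action raised
      # NoMethodError on nil and answered with a 500.
      unless user.nil?
        unless params[:username].nil? || params[:email].nil?
          user.name = params[:username]
          user.email = params[:email]
          user.save
        end
        @res[:username] = user.name
        @res[:email] = user.email
      end
    end

    render :json => @res
  end

  private

  # Validates the request signature.
  #
  # The expected signature is the MD5 hex digest of
  #   "expire=<expire>mid=<mid>secret=<secret>sid=<sid>" + application secret.
  #
  # Returns true when params[:sig] matches, false when it does not, and the
  # string 'bad params' when any required parameter is missing or is not a
  # plain String (e.g. an array or hash smuggled in via "mid[]=...").
  def check_auth(params)
    # SECURITY(review): application secrets are hard-coded in source control.
    # They should be loaded from deployment configuration and rotated, since
    # anyone with read access to the repository can forge valid signatures.
    secret_key = request.host == 'beathaven.org' ? 'sdgwSbl3nNE4ZxafuPrp' : 's5zyjb693z6uV4rbhEyc'

    required = SIGNED_FIELDS + [:sig]
    # nil is not a String, so this also covers the "parameter missing" case.
    # Non-String values previously raised TypeError during concatenation.
    return 'bad params' unless required.all? { |key| params[key].is_a?(String) }

    payload = SIGNED_FIELDS.map { |key| "#{key}=#{params[key]}" }.join + secret_key

    # NOTE(review): MD5 is presumably dictated by the upstream provider's
    # signature scheme -- confirm before changing the digest.
    expected = Digest::MD5.hexdigest(payload)

    # NOTE(review): :expire is part of the signed payload but is never
    # compared with the current time, so a captured parameter set stays
    # valid indefinitely. Confirm its format and reject expired values.
    constant_time_equal?(expected, params[:sig])
  end

  # Compares two strings without short-circuiting on the first differing
  # byte, so response timing does not reveal how much of a guessed signature
  # was correct.
  def constant_time_equal?(left, right)
    return false unless left.bytesize == right.bytesize

    diff = 0
    left.unpack('C*').zip(right.unpack('C*')) { |a, b| diff |= a ^ b }
    diff.zero?
  end
end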