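// Passport configuration: session (de)serialization plus the named
// 'local-signup' and 'local-login' strategies.
var LocalStrategy = require('passport-local').Strategy;

/**
 * Registers session handling and the two local strategies on a passport
 * instance.
 *
 * @param {object} passport - passport instance to configure.
 * @param {object} User - user model. This module calls find, findOne and
 *   build on it, and generateHash, isPasswordValid and save on its instances.
 */
module.exports = function(passport, User) {

  // NOTE(review): `.error()` is not part of standard Promises. If the model's
  // promises are Bluebird-style it handles operational errors only, so an
  // exception thrown inside a `.then` callback would never reach `done` —
  // confirm against the ORM version in use.

  // =========================================================================
  // passport session setup
  // =========================================================================
  // Required for persistent login sessions: only the user id is stored in
  // the session, and the full record is reloaded on each request.

  // Serialize the user for the session.
  passport.serializeUser(function(user, done) {
    done(null, user.id);
  });

  // Deserialize the user from the id stored in the session.
  passport.deserializeUser(function(id, done) {
    User.find({where: {id: id}}).then(function(user) {
      done(null, user);
    }).error(function(err) {
      done(err, null);
    });
  });

  // =========================================================================
  // LOCAL SIGNUP
  // =========================================================================
  // Named strategies are used because there is one for login and one for
  // signup; without a name the strategy would just be called 'local'.

  passport.use('local-signup', new LocalStrategy({
    usernameField : 'login',
    passwordField : 'password',
    passReqToCallback : true // hands the whole request to the verify callback
  },
  function(req, login, password, done) {
    User.find({where: {login: login}}).then(function(existingUser) {
      if (existingUser) {
        // This reply inherently reveals that a login is registered;
        // throttling of signup attempts is not handled in this module.
        return done(null, false, req.flash('signupMessage', 'That login is already taken.'));
      }

      // The lookup above and the save below are separate steps, so uniqueness
      // ultimately depends on a unique constraint on `login` in the model —
      // not visible here; confirm.
      var newUser = User.build();
      newUser.login = login;
      newUser.password = newUser.generateHash(password);
      newUser.save().then(function() {
        done(null, newUser);
      }).error(function(err) {
        // Keep ORM/driver error text out of the user-facing flash message;
        // record it server-side instead.
        console.error('local-signup: saving new user failed:', err);
        done(null, false, req.flash('signupMessage', 'Signup failed. Please try again later.'));
      });
    }).error(function(err) {
      done(err);
    });
  }));

  // =========================================================================
  // LOCAL LOGIN
  // =========================================================================
  // Named strategies are used because there is one for login and one for
  // signup; without a name the strategy would just be called 'local'.

  // Both failure branches flash the same text so the response does not
  // disclose whether a login name is registered.
  var LOGIN_FAILED = 'Invalid login or password.';

  passport.use('local-login', new LocalStrategy({
    usernameField : 'login',
    passwordField : 'password',
    passReqToCallback : true // hands the whole request to the verify callback
  },
  function(req, login, password, done) {
    User.findOne({where: {login: login}}).then(function(user) {
      // NOTE(review): no password check runs when the account is missing, so
      // response time may still differ between the two cases — confirm
      // whether that matters for this deployment.
      if (!user || !user.isPasswordValid(password)) {
        return done(null, false, req.flash('loginMessage', LOGIN_FAILED));
      }
      return done(null, user);
    }).error(function(err) {
      return done(err);
    });
  }));

};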