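import pwd  # NOTE(review): not referenced by the code visible here
import uuid
from secrets import compare_digest, token_bytes

from Crypto.Hash import SHA3_256
from sqlalchemy import insert, select
from sqlalchemy.orm import Session

from pillar_tool.db.models.user import User


def create_user(db: Session, username: str, password: str) -> None:
    """Insert a new user row with a freshly salted password hash.

    A 32-byte random salt is drawn from the OS CSPRNG and stored hex-encoded
    next to the hash. Only ``db.execute`` is called here; no commit is issued
    in this function, so the caller's transaction handling decides when the
    row becomes durable.

    Args:
        db: Open SQLAlchemy session used for the INSERT.
        username: Login name to store.
        password: Plaintext password; it is hashed and never stored.
    """
    # NOTE(review): no duplicate-username check happens here. Presumably a
    # unique constraint on the column enforces it -- confirm in the model.
    pw_salt = token_bytes(32).hex()
    pw_hash = compute_password_hash(password, pw_salt)
    db.execute(
        insert(User).values(
            id=uuid.uuid4(),
            username=username,
            pw_hash=pw_hash,
            pw_salt=pw_salt,
        )
    )


def compute_password_hash(password: str, salt: str) -> str:
    """Return the hex SHA3-256 digest of ``salt + password``.

    The input is encoded as UTF-8. For ASCII-only passwords this yields the
    same bytes as the previous ``'ascii'`` encoding, so hashes already stored
    stay valid, while non-ASCII passwords no longer raise
    ``UnicodeEncodeError``.

    Args:
        password: Plaintext password.
        salt: Per-user salt string (hex text as written by ``create_user``).

    Returns:
        Lowercase hex digest.
    """
    # NOTE(security): one round of SHA3-256 is a fast hash, so a leaked
    # pw_hash/pw_salt table can be guessed offline at high speed. A password
    # KDF with a tunable work factor (Argon2id, scrypt, bcrypt, PBKDF2) is the
    # appropriate primitive. The scheme is left unchanged here because
    # switching it invalidates every stored hash; migrate by adding a scheme
    # marker per row and rehashing on the next successful login.
    salted = (salt + password).encode("utf-8")
    return SHA3_256.new(salted).digest().hex()


def verify_user(db: Session, user: str, password: str) -> User | None:
    """Check a username/password pair against the stored hash.

    Args:
        db: Open SQLAlchemy session used for the lookup.
        user: Username to look up.
        password: Plaintext password supplied by the client.

    Returns:
        The matching ``User`` when the password is correct, otherwise ``None``
        (unknown username or wrong password).

    Raises:
        RuntimeError: If more than one row carries the requested username.
    """
    # noinspection PyTypeChecker
    rows = db.execute(select(User).where(User.username == user)).fetchall()

    # Raised explicitly rather than asserted: ``assert`` is stripped under
    # ``python -O``, which would let the login proceed against whichever
    # duplicate row happened to come back first.
    if len(rows) > 1:
        raise RuntimeError("multiple user rows share one username")
    if not rows:
        # NOTE(security): this path skips the hash computation, so unknown
        # usernames answer slightly faster than known ones. Worth equalising
        # once a slow KDF is in place.
        return None

    # Each row is a one-element tuple holding the mapped User entity.
    account: User = rows[0][0]
    stored_hash = account.pw_hash
    if not isinstance(stored_hash, str):
        # A missing or malformed stored hash can never match.
        return None

    candidate = compute_password_hash(password, account.pw_salt)
    # Constant-time comparison: ``==`` on strings stops at the first differing
    # character and so leaks how much of the digest matched.
    if compare_digest(candidate.encode("utf-8"), stored_hash.encode("utf-8")):
        return account
    return None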