using System.Security.Cryptography;
using System.Text;
using BC = BCrypt.Net.BCrypt;
using MotoresArgentinosV2.Core.Interfaces;

namespace MotoresArgentinosV2.Infrastructure.Services;

public class PasswordService : IPasswordService
{
    public string HashPassword(string password)
    {
        return BC.HashPassword(password);
    }

    public bool VerifyPassword(string password, string hash, string? salt, bool isLegacy)
    {
        if (isLegacy)
        {
            return VerifyLegacyHash(password, hash, salt);
        }
        
        return BC.Verify(password, hash);
    }

    private bool VerifyLegacyHash(string password, string storedHash, string? salt)
    {
        // Lógica típica de ASP.NET Membership Provider (SHA1)
        // El formato común es Base64(SHA1(Salt + Password))
        if (string.IsNullOrEmpty(salt)) return false;

        byte[] passwordBytes = Encoding.Unicode.GetBytes(password);
        byte[] saltBytes = Convert.FromBase64String(salt);
        byte[] allBytes = new byte[saltBytes.Length + passwordBytes.Length];

        Buffer.BlockCopy(saltBytes, 0, allBytes, 0, saltBytes.Length);
        Buffer.BlockCopy(passwordBytes, 0, allBytes, saltBytes.Length, passwordBytes.Length);

        using (var sha1 = SHA1.Create())
        {
            byte[] hashBytes = sha1.ComputeHash(allBytes);
            string computedHash = Convert.ToBase64String(hashBytes);
            return computedHash == storedHash;
        }
    }
}