package auth

func login(phone, code string) (string, bool, error) {
	// Check if code is valid
	var ok bool
	err := db.Do(func(d *Data) error {
		if d == nil {
			ok = false
			return nil
		}
		if d.LoginCodes == nil {
			ok = false
			return nil
		}
		if d.LoginCodes[phone] == nil {
			ok = false
			return nil
		}
		ok = d.LoginCodes[phone][code]
		return nil
	})
	if err != nil {
		return "", false, err
	}
	if !ok {
		return "", false, nil
	}

	// Generate a session token
	token := ""
	err = db.Do(func(d *Data) error {
		if d.Sessions == nil {
			d.Sessions = map[string]string{}
		}
		for {
			token, err = randomToken()
			if err != nil {
				return err
			}
			_, ok := d.Sessions[token]
			if !ok {
				break
			}
		}
		d.Sessions[token] = phone
		return nil
	})
	if err != nil {
		return "", false, err
	}

	// Deactivate the login code
	err = db.Do(func(d *Data) error {
		if d == nil {
			d = &Data{}
		}
		if d.LoginCodes == nil {
			return nil
		}
		if d.LoginCodes[phone] == nil {
			d.LoginCodes[phone] = map[string]bool{}
		}
		delete(d.LoginCodes[phone], code)
		return nil
	})
	if err != nil {
		logError(err)
	}

	// Return the session token
	return token, true, nil
}