package auth

import (
	"regexp"

	"golang.org/x/crypto/bcrypt"
)

// about bcrypt cost: https://docs.laminas.dev/laminas-crypt/password/#bcrypt
// bcrypt cost benchmarks: https://github.com/nsmithuk/bcrypt-cost-go
const BCRYPT_COST = 10
const MIN_PASSWORD_LENGTH = 10

func IsPasswordGoodEnough(password string) bool {
	var re *regexp.Regexp
	passwordBytes := []byte(password)

	if len(password) < MIN_PASSWORD_LENGTH {
		return false
	}
	re, _ = regexp.Compile("[a-z]")
	if re.Find(passwordBytes) == nil {
		return false
	}
	re, _ = regexp.Compile("[A-Z]")
	if re.Find(passwordBytes) == nil {
		return false
	}
	re, _ = regexp.Compile("[0-9]")
	//lint:ignore S1008 allow early exit instead optimization
	if re.Find(passwordBytes) == nil {
		return false
	}

	return true
}

func HashPassword(password string, secretKey string) (string, error) {
	bytes, err := bcrypt.GenerateFromPassword([]byte(password+secretKey), BCRYPT_COST)
	return string(bytes), err
}