app/controllers/api_keys_controller.rb

class ApiKeysController < ApplicationController
  before_action :disable_cache, only: :index
  before_action :set_page, only: :index

  include ApiKeyable

  include SessionVerifiable
  verify_session_before

  def index
    @api_key = session.delete(:api_key)
    @api_keys_pagy, @api_keys = pagy(current_user.api_keys.unexpired.not_oidc.preload(ownership: :rubygem))
    redirect_to new_profile_api_key_path if @api_keys.empty?
  end

  def new
    @api_key = current_user.api_keys.build
  end

  def edit
    @api_key = current_user.api_keys.find(params.permit(:id).require(:id))
    return unless @api_key.soft_deleted?

    flash[:error] = t(".invalid_key")
    redirect_to profile_api_keys_path
  end

  def create
    key = generate_unique_rubygems_key
    build_params = { owner: current_user, hashed_key: hashed_key(key), **api_key_create_params }
    @api_key = ApiKey.new(build_params)

    if @api_key.errors.present?
      flash.now[:error] = @api_key.errors.full_messages.to_sentence
      @api_key = current_user.api_keys.build(api_key_create_params.merge(rubygem_id: nil))
      return render :new
    end

    if @api_key.save
      Mailer.api_key_created(@api_key.id).deliver_later

      session[:api_key] = key
      redirect_to profile_api_keys_path, flash: { notice: t(".success") }
    else
      flash.now[:error] = @api_key.errors.full_messages.to_sentence
      render :new
    end
  end

  def update
    @api_key = current_user.api_keys.find(params.permit(:id).require(:id))
    @api_key.assign_attributes(api_key_update_params(@api_key))

    if @api_key.errors.present?
      flash.now[:error] = @api_key.errors.full_messages.to_sentence
      return render :edit
    end

    if @api_key.save
      redirect_to profile_api_keys_path, flash: { notice: t(".success") }
    else
      flash.now[:error] = @api_key.errors.full_messages.to_sentence
      render :edit
    end
  end

  def destroy
    api_key = current_user.api_keys.find(params.permit(:id).require(:id))

    if api_key.expire!
      flash[:notice] = t(".success", name: api_key.name)
    else
      flash[:error] = api_key.errors.full_messages.to_sentence
    end
    redirect_to profile_api_keys_path
  end

  def reset
    if current_user.api_keys.expire_all!
      flash[:notice] = t(".success")
    else
      flash[:error] = t("try_again")
    end
    redirect_to profile_api_keys_path
  end

  private

  def verify_session_redirect_path
    case action_name
    when "reset", "destroy"
      profile_api_keys_path
    when "create"
      new_profile_api_key_path
    when "update"
      edit_profile_api_key_path(params.permit(:id).require(:id))
    else
      super
    end
  end

  def api_key_create_params
    ApiKeysHelper.api_key_params(params.permit(api_key: [:name, *ApiKey::API_SCOPES, :mfa, :rubygem_id, :expires_at]).require(:api_key))
  end

  def api_key_update_params(existing_api_key = nil)
    ApiKeysHelper.api_key_params(
      params.permit(api_key: [*ApiKey::API_SCOPES, :mfa, :rubygem_id, { scopes: [ApiKey::API_SCOPES] }]).require(:api_key), existing_api_key
    )
  end
end