# frozen_string_literal: true

class User < ApplicationRecord
  devise :database_authenticatable, :lockable, :recoverable, :rememberable,
         :trackable, :validatable, :confirmable, :registerable

  devise :omniauthable, omniauth_providers: %i[reddit google_oauth2 discord]

  attr_accessor :login

  # Note: devise :validatable above adds validations for :email and :password
  # validates :username, presence: true, length: {maximum: 128}
  validates :email, confirmation: true

  class << self
    # Devise method overridden to allow sign in with email or username
    def find_for_database_authentication(warden_conditions)
      conditions = warden_conditions.dup
      if (login = conditions.delete(:login))
        where(conditions).find_by(
          'lower(username) = :value OR lower(email) = :value',
          value: login.downcase.strip,
        )
      else
        find_by(conditions)
      end
    end
  end

  def self.from_omniauth(auth)
    where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
      user.email = auth.info.email
      user.password = Devise.friendly_token[0, 20]

      # Reddit, Google, and Discord both have email verification already
      user.skip_confirmation!
    end
  end
end