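use strict;
use warnings;
use Plack::Request qw();
use HTTP::Status qw(
    HTTP_OK HTTP_METHOD_NOT_ALLOWED HTTP_CREATED HTTP_UNPROCESSABLE_ENTITY
);
use Authen::Passphrase::Argon2 qw();
use Crypt::URandom qw(urandom);
use Number::MuPhone qw();
use WebService::HIBP qw();
use DBI qw();
require DBD::SQLite;

# SQLite file that holds the users table. The path is relative, so it resolves
# against the working directory of the server process.
my $dbfile = 'Ekanvitha9.sqlite';

# Document served for GET requests.
# NOTE(review): the heredoc body is empty in this listing; the form markup is
# not visible here.
my $html = <<'HTML';
HTML

# PSGI application.
#   GET   -> serves $html as application/xhtml+xml.
#   POST  -> validates phone and passphrase, then inserts one row into users.
#   other -> 405 Method Not Allowed.
# Validation failures are answered with 422 and a text/plain reason. Database
# errors raise an exception (RaiseError), so a failed insert is never reported
# as 201.
my $app = sub {
    my ($env) = @_;
    my $req    = Plack::Request->new($env);
    my $method = $req->method;

    # Finalized text/plain response with the given status and body chunks.
    my $plain = sub {
        my ($status, @chunks) = @_;
        return $req->new_response(
            $status,
            ['Content-Type' => 'text/plain'],
            [@chunks],
        )->finalize;
    };

    if ('GET' eq $method) {
        return $req->new_response(
            HTTP_OK,
            ['Content-Type' => 'application/xhtml+xml'],
            [$html],
        )->finalize;
    }

    if ('POST' ne $method) {
        return $req->new_response(HTTP_METHOD_NOT_ALLOWED)->finalize;
    }

    my $params = $req->parameters;

    # Reject the request when the phone number does not parse.
    my $phone = Number::MuPhone->new($params->get('phone'));
    if (!defined $phone or $phone->error) {
        return $plain->(
            HTTP_UNPROCESSABLE_ENTITY,
            'invalid phone number ',
            $phone ? $phone->error : '',
        );
    }

    # A missing or empty passphrase is refused here, before it can reach the
    # breach lookup or the hasher as undef.
    my $passphrase = $params->get('passphrase');
    if (!defined $passphrase or $passphrase eq '') {
        return $plain->(HTTP_UNPROCESSABLE_ENTITY, 'passphrase is required');
    }

    # Refuse passphrases that the HIBP lookup reports with a count above zero.
    # NOTE(review): this is an outbound call on every POST; a lookup failure
    # presumably throws and ends the request with a server error rather than
    # letting the passphrase through - confirm, and consider a timeout.
    if (WebService::HIBP->new->password($passphrase) > 0) {
        return $plain->(
            HTTP_UNPROCESSABLE_ENTITY,
            'wow, that is a really shitty passphrase',
        );
    }

    # One connection per request. RaiseError turns connect/insert failures into
    # exceptions instead of silently continuing to the 201 response.
    my $dbh = DBI->connect(
        "dbi:SQLite:dbname=$dbfile", '', '',
        { RaiseError => 1, PrintError => 0, sqlite_unicode => 1 },
    );

    # "if not exists" replaces the former file-existence test, which left a
    # window in which two concurrent first requests could both try to create
    # the table.
    $dbh->do(
        'create table if not exists users (id text, name text, gender text, phone text, passphrase text)'
    );

    # NOTE(review): factor => '4096M' is the memory setting handed to Argon2, so
    # every accepted POST pays that cost. Registration is unauthenticated; cap
    # concurrent workers or rate-limit this endpoint so parallel requests
    # cannot exhaust memory.
    my $hasher = Authen::Passphrase::Argon2->new(
        passphrase  => $passphrase,
        salt        => urandom(16),
        cost        => 1,
        factor      => '4096M',
        parallelism => 4,
        size        => 16,
    );

    # NOTE(review): only the value of ->hash is stored, and the salt generated
    # above is not written anywhere else. Confirm that ->hash returns an
    # encoded string embedding salt and parameters; if it is the bare digest,
    # the stored value cannot be verified at login.
    #
    # NOTE(review): the id is eight digits from rand() and the table has no
    # uniqueness constraint, so ids can collide and are guessable; do not
    # treat the id as a secret.
    #
    # Bound placeholders keep request values out of the SQL text. name, gender
    # and phone are stored exactly as submitted.
    $dbh->do(
        'insert into users (id, name, gender, phone, passphrase) values (?,?,?,?,?)',
        undef,
        sprintf('%08d', rand(100_000_000)),
        $params->get('name'),
        $params->get('gender'),
        $params->get('phone'),
        $hasher->hash,
    );
    $dbh->disconnect;

    return $plain->(HTTP_CREATED, 'done');
};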