require "active_support/core_ext/integer/time"

Rails.application.configure do
  # Settings specified here will take precedence over those in config/application.rb.

  # In the development environment your application's code is reloaded any time
  # it changes. This slows down response time but is perfect for development
  # since you don't have to restart the web server when you make code changes.
  config.enable_reloading = true

  # Do not eager load code on boot.
  config.eager_load = false

  # Show full error reports.
  config.consider_all_requests_local = true

  # Enable server timing
  config.server_timing = true

  # Enable/disable caching. By default caching is disabled.
  # Run rails dev:cache to toggle caching.
  if Rails.root.join("tmp/caching-dev.txt").exist?
    config.action_controller.perform_caching = true
    config.action_controller.enable_fragment_cache_logging = true

    config.cache_store = :memory_store
    config.public_file_server.headers = {
      "Cache-Control" => "public, max-age=#{2.days.to_i}"
    }
  else
    config.action_controller.perform_caching = false

    config.cache_store = :null_store
  end

  # Store uploaded files on the local file system (see config/storage.yml for options).
  # config.active_storage.service = :local

  # Don't care if the mailer can't send.
  config.action_mailer.raise_delivery_errors = false
  config.action_mailer.default_url_options = {host: "localhost", port: 3000}
  config.action_mailer.delivery_method = :letter_opener
  config.action_mailer.perform_caching = false

  # Raise exceptions for disallowed deprecations.
  config.active_support.disallowed_deprecation = :raise

  # Tell Active Support which deprecation messages to disallow.
  config.active_support.disallowed_deprecation_warnings = []

  # Raise an error on page load if there are pending migrations.
  config.active_record.migration_error = :page_load

  # Debug mode disables concatenation and preprocessing of assets.
  # This option may cause significant delays in view rendering with a large
  # number of complex assets.
  config.assets.debug = true

  # Highlight code that triggered database queries in logs.
  config.active_record.verbose_query_logs = true

  # Highlight code that enqueued background job in logs.
  config.active_job.verbose_enqueue_logs = true

  # Suppress logger output for asset requests.
  config.assets.quiet = true

  config.react.variant = :development

  # Raises error for missing translations.
  # config.i18n.raise_on_missing_translations = true

  # Annotate rendered view with file names.
  # config.action_view.annotate_rendered_view_with_filenames = true

  # Uncomment if you wish to allow Action Cable access from any origin.
  # config.action_cable.disable_request_forgery_protection = true

  # Raise error when a before_action's only/except options reference missing actions
  config.action_controller.raise_on_missing_callback_actions = true

  # Don't use the assets precompiled for production; recompile live instead.
  # HACK: We do this by just telling it that dev assets belong in a special
  # folder, so if you run precompile in development it'll look there instead,
  # as recommended by the Rails guide. But I don't actually use that irl!
  # https://guides.rubyonrails.org/v7.0.7/asset_pipeline.html#local-precompilation
  config.assets.prefix = "/dev-assets"

  # Fix file reloading in a Vagrant environment.
  # The `ActiveSupport::EventedFileUpdateChecker` is faster, but doesn't work
  # correctly for Vagrant's networked folders!
  # https://stackoverflow.com/a/36616931
  #
  # TODO: In the future, if we don't expect the use of Vagrant or similar tech
  # anymore, we could remove this for a minor dev perf improvement. We're on
  # Vagrant now because it's hard to get older Ruby running on many modern
  # systems, but later on that could change!
  #
  # NOTE: But I also see that this might be the default anyway in current
  # Rails? idk when that changed... so maybe just delete this later?
  config.file_watcher = ActiveSupport::FileUpdateChecker

  # Allow connections on Vagrant's private network.
  config.web_console.permissions = '10.0.2.2'

  # Use a local copy of Impress 2020, presumably running on port 4000. (Can
  # override this with the IMPRESS_2020_ORIGIN environment variable!)
  config.impress_2020_origin = ENV.fetch("IMPRESS_2020_ORIGIN",
    "http://localhost:4000")

  # Save the Neopets Media Archive in the local `tmp` folder. (In production,
  # we keep this in a long-term location instead!)
  config.neopets_media_archive_root = Rails.root / "tmp" /
    "neopets_media_archive" / "development"

  # When developing the `public_data:commit` command, save to the local `tmp`
  # folder. (In production, we keep this in a long-term location instead!)
  config.public_data_root = Rails.root / "tmp" / "public_data"

  # Use the local NeoPass development server.
  config.neopass_origin = "https://localhost:8585"

  # Set the NeoPass redirect callback URL.
  config.neopass_redirect_uri =
    "http://localhost:3000/users/auth/neopass/callback"

  # If the "USE_LIVE_NEOPASS=1" environment variable is set, override the
  # NeoPass config with the production values instead.
  #
  # Note that this does *not* allow you to just use NeoPass with the
  # development server as one might like! Our `localhost:3000` redirect URL is
  # not registered with live NeoPass, so we have to provide the production
  # callback, or else NeoPass will reject the initial auth request altogether!
  #
  # Instead, you'll need to somehow intercept the flow:
  #     1. Dress to Impress (development) sends you to NeoPass, with production
  #        configuration in the request.
  #     2. NeoPass redirects back to Dress to Impress (production).
  #     3. Use some kind of tool to prevent the above redirect, and rewrite it
  #        to `localhost:3000` instead.
  #        - For me, it's convenient to do this via the Burp Suite's "Proxy"
  #          tool: intercept the request, cancel it, and manually rewrite the
  #          URL and navigate to it.
  #        - Another way I've used for similar things in the past is to edit my
  #          /etc/hosts file to temporarily point `impress.openneo.net` to
  #          `127.0.0.1`. Then, when the request fails, manually rewrite the
  #          URL and navigate to it.
  #        - I suppose you could also have your browser's Network panel persist
  #          logs, then you can see the `/users/auth/neopass/callback` request
  #          that fails and redirects back to the production sign-in page, and
  #          manually rewrite it? (The request should be safe to let through,
  #          because production DTI will reject the callback, because it knows
  #          from the `state` parameter that it didn't initiate this flow.)
  if ENV["USE_LIVE_NEOPASS"].present?
    puts "Using live NeoPass, instead of the development server."
    config.neopass_origin = "https://oidc.neopets.com"
    config.neopass_redirect_uri =
      "https://impress.openneo.net/users/auth/neopass/callback"
  end
end