package services

import (
	"bufio"
	"net"
	"strings"
	"time"
)

func NewFTPHandler(log LoggerFunc) Handler {
	return func(conn net.Conn) {
		defer conn.Close()
		remote := conn.RemoteAddr().String()
		_, _ = conn.Write([]byte("220 (vsFTPd 3.0.3)\r\n"))
		conn.SetDeadline(time.Now().Add(5 * time.Minute))
		scanner := bufio.NewScanner(conn)
		var username string
		var cwd = "/"
		for scanner.Scan() {
			line := strings.TrimSpace(scanner.Text())
			if line == "" {
				continue
			}
			parts := strings.SplitN(line, " ", 2)
			cmd := strings.ToUpper(parts[0])
			arg := ""
			if len(parts) > 1 { arg = parts[1] }
			// log every command minimally
			log(Record{Timestamp: Now(), RemoteAddr: remoteIP(remote), RemotePort: remotePort(remote), Service: "ftp", Details: map[string]string{"event":"cmd","cmd":cmd,"arg":arg}})
			switch cmd {
			case "USER":
				username = arg
				log(Record{Timestamp: Now(), RemoteAddr: remoteIP(remote), RemotePort: remotePort(remote), Service: "ftp", Details: map[string]string{"event":"username_attempt","username":username}})
				_, _ = conn.Write([]byte("331 Please specify the password.\r\n"))
			case "PASS":
				log(Record{Timestamp: Now(), RemoteAddr: remoteIP(remote), RemotePort: remotePort(remote), Service: "ftp", Details: map[string]string{"event":"password_attempt","username":username,"password":arg}})
				// stay unauthenticated but pretend success to keep them interacting
				_, _ = conn.Write([]byte("230 Login successful.\r\n"))
			case "SYST":
				_, _ = conn.Write([]byte("215 UNIX Type: L8\r\n"))
			case "FEAT":
				_, _ = conn.Write([]byte("211-Features:\r\n MLSD\r\n SIZE\r\n211 End\r\n"))
			case "PWD":
				_, _ = conn.Write([]byte("257 \"" + cwd + "\" is the current directory\r\n"))
			case "TYPE":
				_, _ = conn.Write([]byte("200 Switching to Binary mode.\r\n"))
			case "CWD":
				if arg == "" { arg = "/" }
				cwd = arg
				_, _ = conn.Write([]byte("250 Directory successfully changed.\r\n"))
			case "PASV":
				// Emulate passive mode without real data channel
				_, _ = conn.Write([]byte("227 Entering Passive Mode (127,0,0,1,195,80)\r\n"))
			case "LIST":
				// Fake transfer over control channel (not RFC-correct, but many bots accept the banner)
				_, _ = conn.Write([]byte("150 Here comes the directory listing.\r\n"))
				_, _ = conn.Write([]byte("-rw-r--r--    1 root root        4096 Jan 01 00:00 README\r\n"))
				_, _ = conn.Write([]byte("226 Directory send OK.\r\n"))
			case "QUIT":
				_, _ = conn.Write([]byte("221 Goodbye.\r\n")); return
			default:
				_, _ = conn.Write([]byte("502 Command not implemented\r\n"))
			}
		}
	}
}