"""Master-password hashing and verification built on scrypt."""

import os

from cryptography.exceptions import InvalidKey
from cryptography.hazmat.primitives.kdf.scrypt import Scrypt

from ..db.models import MasterPass

# scrypt cost parameter N (passed as ``n`` below). Despite the name this is
# not a byte count: scrypt's working memory is roughly 128 * N * r bytes,
# i.e. about 16 MiB with r=8.
# NOTE(review): N=2**14 is at the low end of current password-storage
# guidance (OWASP's scrypt baseline is N=2**17, r=8, p=1 at the time of
# writing). The parameters are not persisted by this module, so raising them
# means existing hashes stop verifying unless records are re-hashed or the
# parameters are stored per record -- confirm against the MasterPass model.
MEMORY_USAGE = 2**14


def _get_kdf(salt: bytes) -> Scrypt:
    """Return a fresh Scrypt instance bound to *salt*.

    A new object is built on every call because a Scrypt instance is
    single-use: a second ``derive``/``verify`` on the same object raises
    ``AlreadyFinalized``.
    """
    return Scrypt(
        salt=salt,
        length=128,  # size of the derived hash in bytes
        n=MEMORY_USAGE,
        r=8,
        p=1,
    )


def encrypt_master_pass(user_id: int, password: str) -> MasterPass:
    """Hash *password* with a new random salt and wrap it in a MasterPass.

    Despite the name nothing is encrypted: the result is a one-way scrypt
    hash, stored together with the salt needed to recompute it.
    """
    # 64 random bytes from the OS CSPRNG, unique per stored password.
    fresh_salt = os.urandom(64)
    derived = _get_kdf(fresh_salt).derive(password.encode("utf-8"))
    return MasterPass(
        user_id=user_id,
        password_hash=derived,
        salt=fresh_salt,
    )


def check_master_pass(password: str, master_password: MasterPass) -> bool:
    """Return True when *password* matches the hash held in *master_password*.

    The comparison is delegated to ``Scrypt.verify`` rather than a
    hand-written ``==`` on the derived bytes. Only ``InvalidKey`` (a
    mismatch) is mapped to False; any other exception propagates.
    """
    verifier = _get_kdf(master_password.salt)
    candidate = password.encode("utf-8")
    try:
        verifier.verify(candidate, master_password.password_hash)
    except InvalidKey:
        return False
    return True