class WebKeyDirectoryController < WellKnownController
  before_action :allow_cross_origin_requests

  # /.well-known/openpgpkey/hu/:hashed_username(.txt)
  def show
    @user = User.find_by(cn: params[:l].downcase)

    if @user.nil? ||
       @user.pgp_pubkey.blank? ||
       !@user.pgp_pubkey_contains_user_address?
      http_status :not_found and return
    end

    if params[:hashed_username] != @user.wkd_hash
      http_status :unprocessable_entity and return
    end

    respond_to do |format|
      format.text do
        response.headers['Content-Type'] = 'text/plain'
        render plain: @user.pgp_pubkey
      end

      format.any do
        key = @user.gnupg_key.export
        send_data key, filename: "#{@user.wkd_hash}.pem",
                       type: "application/octet-stream"
      end
    end
  end

  def policy
    head :ok
  end
end