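package com.danielbohry.authservice.api;

import com.danielbohry.authservice.api.dto.AuthenticationResponse;
import com.danielbohry.authservice.api.dto.PasswordChangeRequest;
import com.danielbohry.authservice.api.dto.UserResponse;
import com.danielbohry.authservice.domain.ApplicationUser;
import com.danielbohry.authservice.service.auth.AuthService;
import java.util.Optional;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * Endpoints acting on the currently authenticated user.
 *
 * <p>Both endpoints resolve the caller from the {@link SecurityContextHolder} only; the user id is
 * never taken from the request. A request whose security context holds no authentication, or
 * whose principal is not an {@link ApplicationUser} (for example the anonymous principal), is
 * answered with 401 and an empty body. The two endpoints previously disagreed here (403 vs. 401);
 * they now share the same helper and the same status.
 */
@Slf4j
@RestController
@AllArgsConstructor
// NOTE(review): a bare @CrossOrigin allows every origin under Spring's default; consider
// restricting the allowed origins for these account endpoints.
@CrossOrigin
@RequestMapping("api/users")
public class UserController {

    private final AuthService authService;

    /**
     * Returns the caller's id, username and role names.
     *
     * @return 200 with a {@link UserResponse} for an authenticated {@link ApplicationUser},
     *     otherwise 401 with an empty body
     */
    @GetMapping("current")
    public ResponseEntity<UserResponse> get() {
        return currentUser()
                .map(user -> ResponseEntity.ok(toResponse(user)))
                .orElseGet(() -> ResponseEntity.status(HttpStatus.UNAUTHORIZED).build());
    }

    /**
     * Changes the caller's password.
     *
     * <p>The user id comes from the security context, so a caller can only change their own
     * password. The current password is handed to the service together with the new one
     * (presumably so the service can verify it — confirm in {@link AuthService}). Only the
     * username is logged; neither password is.
     *
     * @param request the current and new password
     * @return 200 with the service's result for an authenticated {@link ApplicationUser},
     *     otherwise 401 with an empty body
     */
    @PostMapping("change-password")
    public ResponseEntity<?> changePassword(@RequestBody PasswordChangeRequest request) {
        return currentUser()
                .map(user -> changePasswordFor(user, request))
                .orElseGet(() -> ResponseEntity.status(HttpStatus.UNAUTHORIZED).build());
    }

    /** Runs the password change for {@code user} and wraps the service result in a 200. */
    private ResponseEntity<?> changePasswordFor(ApplicationUser user, PasswordChangeRequest request) {
        log.info("Changing password for user [{}]", user.getUsername());
        var response = authService.changePassword(
                user.getId(), request.getCurrentPassword(), request.getNewPassword());
        return ResponseEntity.ok(response);
    }

    /** Maps the domain user onto the API representation; roles are exposed via their toString. */
    private static UserResponse toResponse(ApplicationUser user) {
        var roles = user.getRoles().stream().map(Enum::toString).toList();
        return new UserResponse(user.getId(), user.getUsername(), roles);
    }

    /**
     * Resolves the caller from the security context.
     *
     * @return the authenticated {@link ApplicationUser}, or empty when the context carries no
     *     authentication at all (previously an NPE, i.e. a 500) or its principal is of another type
     */
    private static Optional<ApplicationUser> currentUser() {
        SecurityContext context = SecurityContextHolder.getContext();
        var authentication = context.getAuthentication();
        if (authentication == null) {
            return Optional.empty();
        }
        Object principal = authentication.getPrincipal();
        return principal instanceof ApplicationUser user ? Optional.of(user) : Optional.empty();
    }
}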