using FaKrosnoApi.Models;
using Microsoft.AspNetCore.Mvc;
using OrdersManagementDataModel.Dtos;
using OrdersManagementDataModel.Services;

namespace FaKrosnoApi.Controllers;

[ApiController]
[Route("api/[controller]")]
public class UsersController(IUserService service) : Controller
{
    [HttpGet]
    public async Task<ActionResult<IEnumerable<UserDto>>> GetAll()
    {
        IEnumerable<UserDto?> users = await service.GetAll();
        return Ok(users);
    }

    [HttpGet("by-id")]
    public async Task<ActionResult<UserDto?>> GetById([FromQuery] Guid id)
    {
        UserDto? user = await service.GetById(id);
        return user != null ? Ok(user) : NotFound();
    }

    [HttpGet("by-username")]
    public async Task<ActionResult<UserDto?>> GetByUsername([FromQuery] string username)
    {
        UserDto? user = await service.GetByUsername(username);
        return user != null ? Ok(user) : NotFound();
    }
    
    [HttpPost("authenticate")]
    public async Task<IActionResult> Authenticate([FromBody] AuthenticateRequestModel? request)
    {
        if (request == null || string.IsNullOrEmpty(request.Login) || string.IsNullOrEmpty(request.Password))
        {
            return BadRequest(new { message = "Login i hasło są wymagane" });
        }

        var user = await service.GetByUsername(request.Login);

        var x = BCrypt.Net.BCrypt.Verify(request.Password, user?.PasswordHash);
        
        if (user == null || !BCrypt.Net.BCrypt.Verify(request.Password, user.PasswordHash))
        {
            return Unauthorized(new { message = "Nieprawidłowy login lub hasło" });
        }

        var userDto = new UserDto
        {
            Id = user.Id,
            Login = user.Login,
            IsTemporaryPassword = user.IsTemporaryPassword,
            IsActive = user.IsActive,
            ActiveFrom = user.ActiveFrom,
            ActiveTo = user.ActiveTo,
            Email = user.Email,
            FirstName = user.FirstName,
            LastName = user.LastName,
            CreatedDate = user.CreatedDate,
            LastLoginDate = user.LastLoginDate,
            FailedLoginAttempts = user.FailedLoginAttempts,
            IsLocked = user.IsLocked,
            LockoutEndDate = user.LockoutEndDate,
            RowPointer = user.RowPointer
        };

        user.LastLoginDate = DateTime.Now;
        user.FailedLoginAttempts = 0;
        await service.Login(user);

        return Ok(userDto);
    }



    [HttpPost]
    public async Task<ActionResult<UserDto>> Add([FromBody] UserDto user)
    {
        await service.Add(user);
        return Ok(user);
    }

    [HttpPut]
    public async Task<ActionResult<UserDto>> Update([FromBody] UserDto user)
    {
        await service.Update(user);
        return Ok(user);
    }

    [HttpDelete]
    public async Task<ActionResult<UserDto>> Delete([FromQuery] Guid id)
    {
        await service.Delete(id);
        return Ok();
    }
}