/*
 * T&J Central Bank API
 *
 * API documentation for T&J Central Bank's digital wallets
 *
 * OpenAPI spec version: 1.0.0
 * 
 * Generated by: https://github.com/swagger-api/swagger-codegen.git
 */
using AutoMapper;
using IO.Swagger.Attributes;
using IO.Swagger.Models.RequestDto;
using IO.Swagger.Models.ResponseDto;
using IO.Swagger.Repositories;
using IO.Swagger.Security;
using IO.Swagger.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Swashbuckle.AspNetCore.Annotations;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;

namespace IO.Swagger.Controllers
{
    /// <summary>
    /// 
    /// </summary>
    [ApiController]
    public class AuthApiController : ControllerBase
    {
        private readonly IUserRepository repository;
        private readonly JwtService jwt;
        private readonly IMapper mapper;

        /// <summary>
        /// The controller for the authotization endpoints
        /// </summary>
        /// <param name="repository"></param>
        /// <param name="jwt"></param>
        /// <param name="mapper"></param>
        /// <exception cref="ArgumentNullException"></exception>
        public AuthApiController(IUserRepository repository, JwtService jwt, IMapper mapper)
        {
            this.repository = repository ?? throw new ArgumentNullException(nameof(repository));
            this.jwt = jwt ?? throw new ArgumentNullException(nameof(jwt));
            this.mapper = mapper ?? throw new ArgumentNullException(nameof(mapper));
        }

        /// <summary>
        /// Get user details
        /// </summary>
        /// <response code="200">Successful response</response>
        /// <response code="401">Unauthorized</response>
        [HttpGet]
        [Route("/v1/api/auth/details")]
        [Authorize(AuthenticationSchemes = BearerAuthenticationHandler.SchemeName)]
        [ValidateModelState]
        [SwaggerOperation("GetUserDetails")]
        [ProducesResponseType(typeof(UserDto), 200)]
        public virtual async Task<IActionResult> GetUserDetails()
        {
            string userIdString = HttpContext.User.Claims.First(c => c.Type == ClaimTypes.NameIdentifier).Value;
            if (!int.TryParse(userIdString, out int userId))
                return Unauthorized();
            Models.db.User user = await repository.RetrieveUser(userId);
            return Ok(mapper.Map<UserDto>(user));
        }

        /// <summary>
        /// Log in with email and password
        /// </summary>
        /// <param name="body"></param>
        /// <response code="200">Logged in successfully</response>
        /// <response code="400">Bad Request</response>
        /// <response code="401">Unauthorized</response>
        [HttpPost]
        [Route("/v1/api/auth/login")]
        [ValidateModelState]
        [SwaggerOperation("LoginUser")]
        [ProducesResponseType(typeof(TokenDto), 200)]
        [ProducesResponseType(typeof(IEnumerable<string>), 400)]
        public virtual async Task<IActionResult> LoginUser([FromBody] AuthLoginBody body)
        {
            if (!ModelState.IsValid)
                return BadRequest(ModelState.Values.SelectMany(v => v.Errors.Select(e => e.ErrorMessage)));
            Models.db.User user = await repository.LoginUser(body);
            return user == null ? Unauthorized() : Ok(new TokenDto { Token = jwt.GenerateJwt(user.Id) });
        }

        /// <summary>
        /// Register a new user
        /// </summary>
        /// <param name="body"></param>
        /// <response code="200">User registered successfully</response>
        /// <response code="400">Bad Request</response>
        /// <response code="409">Conflict (user with provided email already exists)</response>
        [HttpPost]
        [Route("/v1/api/auth/register")]
        [ValidateModelState]

        [SwaggerOperation("RegisterUser")]
        [ProducesResponseType(typeof(TokenDto), 200)]
        [ProducesResponseType(typeof(IEnumerable<string>), 400)]
        public async Task<IActionResult> RegisterUser([FromBody] AuthRegisterBody body)
        {
            if (!ModelState.IsValid)
                return BadRequest(ModelState.Values.SelectMany(v => v.Errors.Select(e => e.ErrorMessage)));

            Models.db.User user = await repository.RegisterUser(body);
            return user == null ? StatusCode(409) : Ok(new TokenDto { Token = jwt.GenerateJwt(user.Id) });
        }
    }
}