using TechHelper.Context;
using TechHelper.Services;
using Entities.DTO;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Entities.Contracts;

namespace TechHelper.Controllers
{
	[Route("api/token")]
	[ApiController]
	public class TokenController : ControllerBase
	{
		private readonly UserManager<User> _userManager;
		private readonly IAuthenticationService _authenticationService;

		public TokenController(UserManager<User> userManager, IAuthenticationService authenticationService)
		{
			_userManager = userManager;
			_authenticationService = authenticationService;
		}

		[HttpPost("refresh")]
		public async Task<IActionResult> Refresh(
			[FromBody] RefreshTokenDto tokenDto)
		{
			if (tokenDto == null)
			{
				return BadRequest( new AuthResponseDto
				{
					IsAuthSuccessful = false,
					ErrorMessage = "Invalid client reques"
				} );
			}

			var principal = _authenticationService.GetPrincipalFromExpiredToken(tokenDto.Token);

			var userName = principal.Identity.Name;

			var user = await _userManager.FindByEmailAsync(userName);
			if (user == null || user.RefreshToken != tokenDto.RefreshToken || user.RefreshTokenExpiryTime <= DateTime.Now)
			{
				return BadRequest(new AuthResponseDto
				{
					IsAuthSuccessful = false,
					ErrorMessage = " Invalid client reques "
				});
			}

			var token = await _authenticationService.GetToken(user);
			user.RefreshToken = _authenticationService.GenerateRefreshToken();

			await _userManager.UpdateAsync(user);

			return Ok(new AuthResponseDto
			{
				Token = token,
				RefreshToken = user.RefreshToken,
				IsAuthSuccessful = true
			});

		}
	}
}