package api

import (
	"net/http"

	"cockpit/internal/domain"

	"github.com/gin-gonic/gin"
)

type loginReq struct {
	Username string `json:"username" binding:"required"`
	Password string `json:"password" binding:"required"`
}

func (h *Handler) AuthLogin(c *gin.Context) {
	var req loginReq
	if err := c.ShouldBindJSON(&req); err != nil {
		c.JSON(http.StatusBadRequest, domain.Fail("参数错误"))
		return
	}

	access, refresh, user, perms, err := h.authSvc.Login(c.Request.Context(), req.Username, req.Password)
	if err != nil {
		c.JSON(http.StatusUnauthorized, domain.Fail(err.Error()))
		return
	}

	c.JSON(http.StatusOK, domain.OK(gin.H{
		"accessToken":  access,
		"refreshToken": refresh,
		"user": gin.H{
			"id":          user.ID,
			"username":    user.Username,
			"displayName": user.DisplayName,
		},
		"permissions": perms,
	}))
}

type refreshReq struct {
	RefreshToken string `json:"refreshToken" binding:"required"`
}

func (h *Handler) AuthRefresh(c *gin.Context) {
	var req refreshReq
	if err := c.ShouldBindJSON(&req); err != nil {
		c.JSON(http.StatusBadRequest, domain.Fail("参数错误"))
		return
	}
	access, refresh, err := h.authSvc.Refresh(c.Request.Context(), req.RefreshToken)
	if err != nil {
		c.JSON(http.StatusUnauthorized, domain.Fail(err.Error()))
		return
	}
	c.JSON(http.StatusOK, domain.OK(gin.H{
		"accessToken":  access,
		"refreshToken": refresh,
	}))
}

func (h *Handler) AuthLogout(c *gin.Context) {
	var req refreshReq
	if err := c.ShouldBindJSON(&req); err != nil {
		c.JSON(http.StatusBadRequest, domain.Fail("参数错误"))
		return
	}
	_ = h.authSvc.Logout(c.Request.Context(), req.RefreshToken)
	c.JSON(http.StatusOK, domain.OK(gin.H{}))
}