using AsbCloudApp.Data;
using AsbCloudApp.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Swashbuckle.AspNetCore.Annotations;

namespace AsbCloudWebApi.Controllers
{
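    /// <summary>
    /// HTTP endpoints under <c>/auth</c> for obtaining and renewing user tokens.
    /// All credential checks and token issuance are delegated to <see cref="IAuthService"/>.
    /// </summary>
    [Route("/auth")]
    [ApiController]
    public class AuthController : ControllerBase
    {
        private readonly IAuthService authService;

        /// <summary>
        /// Creates the controller with the authentication service it delegates to.
        /// </summary>
        /// <param name="authService">Service that validates credentials and issues tokens.</param>
        public AuthController(IAuthService authService)
        {
            this.authService = authService;
        }

        /// <summary>
        /// Authenticates a user by login and password.
        /// </summary>
        /// <param name="auth">Request body carrying the login and the password.</param>
        /// <response code="200">A new token.</response>
        /// <response code="400">The login and password do not match.</response>
        // NOTE(review): no throttling or account lockout is visible in this controller;
        // confirm that repeated failed logins are limited in IAuthService or in middleware.
        // NOTE(review): the operation id "logiin" looks like a typo of "login"; it is left
        // unchanged because clients generated from the OpenAPI document may depend on it.
        [AllowAnonymous]
        [HttpPost("login")]
        [SwaggerOperation(OperationId = "logiin")]
        [ProducesResponseType(typeof(UserTokenDto), (int)System.Net.HttpStatusCode.OK)]
        public IActionResult Login([FromBody] AuthDto auth)
        {
            var userToken = authService.Login(auth.Login, auth.Password);
            if (userToken is null)
            {
                // The result must be returned: without `return` the failed login fell
                // through to Ok(null) and the caller received 200 for bad credentials.
                // The body stays empty so the response does not reveal whether the
                // login or the password was the part that failed.
                return BadRequest();
            }

            return Ok(userToken);
        }

        /// <summary>
        /// Extends the lifetime of the caller's token by issuing a new one.
        /// </summary>
        /// <response code="200">A new token.</response>
        // NOTE(review): the result of Refresh is returned as 200 without a null check;
        // confirm that IAuthService.Refresh cannot return null for an authenticated user.
        [Authorize]
        [HttpGet("refresh")]
        public IActionResult Refresh()
        {
            var newToken = authService.Refresh(User);
            return Ok(newToken);
        }
    }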
}