use axum::{
    debug_handler,
    extract::State,
    response::{IntoResponse, Response},
    Json,
};
use http::StatusCode;
use pasetors::{keys::SymmetricKey, version4::V4};
use tracing::debug;

use crate::{
    db::{get_username_and_password_by_username, DbPool, UserAndHashedPassword},
    models::{ApiResponse, AppError},
    requests::{
        auth::login::models::{AuthLoginResponse, AuthLoginTokenData},
        AppState,
    },
    services::{
        auth_token::{generate_access_token, generate_auth_token},
        verify_password,
    },
};

use super::models::AuthLoginRequest;

#[debug_handler]
pub async fn auth_login_post_handler(
    State(state): State<AppState>,
    Json(body): Json<AuthLoginRequest>,
) -> Result<Response, AppError> {
    let pool = state.db_pool();
    let token_key = state.env().token_key();
    auth_login_request(pool, token_key, body).await
}

async fn auth_login_request(
    pool: &DbPool,
    token_key: &SymmetricKey<V4>,
    body: AuthLoginRequest,
) -> Result<Response, AppError> {
    debug!(?body);

    let AuthLoginRequest { username, password } = body;
    let UserAndHashedPassword {
        id: user_id,
        username,
        name,
        password: hashed_password,
    } = get_username_and_password_by_username(pool, username).await?;

    verify_password(password, hashed_password)?;

    let (access_token, _access_token_id, access_token_expiration) =
        generate_access_token(token_key, user_id);

    let (auth_token, _auth_token_id, auth_token_expiration) =
        generate_auth_token(token_key, user_id);

    let response = AuthLoginResponse {
        user_id,
        username,
        name,
        access: AuthLoginTokenData {
            token: access_token,
            expiration: access_token_expiration,
        },
        auth: AuthLoginTokenData {
            token: auth_token,
            expiration: auth_token_expiration,
        },
    };

    Ok((
        StatusCode::OK,
        ApiResponse::new(response).into_json_response(),
    )
        .into_response())
}