using Microsoft.AspNetCore.Mvc;
using OwnChar.Api.Responses;
using OwnChar.Model;

namespace OwnChar.ServerNew.Api.Endpoint.Implementations;

internal class LoginApi(ServerContext server) : IApiEndpoint
{
    public void Initialize(IApiBuilder builder)
    {
        builder.Map("/auth/login/{username}", Login);
        builder.Map("/auth/logout/{secret}", Logout);
    }

    private IResult Login(string username, [FromHeader(Name = "X-USER-PASSWORD")] string password)
    {
        if (server.Data != null && server.Data.GetAll<UserAccount>()?.FirstOrDefault(n => n.Username == username && n.Password == password) is UserAccount account)
            return TypedResults.Ok(new LoginResponse
            {
                Secret = server.Login(account),
                UserAccount = account,
            });
        return TypedResults.Unauthorized();
    }

    private IResult Logout([FromHeader(Name = "X-AUTH-SECRET")] string secret)
    {
        server.Logout(secret);
        return TypedResults.Ok();
    }
}