namespace IOL.GreatOffice.Api.Endpoints.Internal.Account;

public class CreateAccountRoute : RouteBaseAsync.WithRequest<CreateAccountPayload>.WithActionResult
{
    private readonly MainAppDatabase _database;
    private readonly UserService _userService;

    public CreateAccountRoute(UserService userService, MainAppDatabase database) {
        _userService = userService;
        _database = database;
    }

    /// <summary>
    /// Create a new user account.
    /// </summary>
    /// <param name="request"></param>
    /// <param name="cancellationToken"></param>
    /// <returns></returns>
    [AllowAnonymous]
    [HttpPost("~/_/account/create")]
    public override async Task<ActionResult> HandleAsync(CreateAccountPayload request, CancellationToken cancellationToken = default) {
        if (request.Username.IsValidEmailAddress() == false) {
            return BadRequest(new KnownProblemModel("Invalid form", request.Username + " does not look like a valid email"));
        }

        if (request.Password.Length < 6) {
            return BadRequest(new KnownProblemModel("Invalid form", "The password requires 6 or more characters."));
        }

        var username = request.Username.Trim();
        if (_database.Users.Any(c => c.Username == username)) {
            return BadRequest(new KnownProblemModel("Username is not available", "There is already a user registered with email: " + username));
        }

        var user = new User(username);
        user.HashAndSetPassword(request.Password);
        _database.Users.Add(user);
        await _database.SaveChangesAsync(cancellationToken);
        await _userService.LogInUser(HttpContext, user);
        return Ok();
    }
}