namespace IOL.GreatOffice.Api.Endpoints.Internal.Account;

/// <inheritdoc />
public class CreateAccountRoute : RouteBaseAsync.WithRequest<CreateAccountPayload>.WithActionResult
{
	private readonly AppDbContext _context;
	private readonly UserService _userService;

	/// <inheritdoc />
	public CreateAccountRoute(UserService userService, AppDbContext context) {
		_userService = userService;
		_context = context;
	}

	/// <summary>
	/// Create a new user account.
	/// </summary>
	/// <param name="request"></param>
	/// <param name="cancellationToken"></param>
	/// <returns></returns>
	[AllowAnonymous]
	[HttpPost("~/_/account/create")]
	public override async Task<ActionResult> HandleAsync(CreateAccountPayload request, CancellationToken cancellationToken = default) {
		if (request.Username.IsValidEmailAddress() == false) {
			return BadRequest(new ErrorResult("Invalid form", request.Username + " does not look like a valid email"));
		}

		if (request.Password.Length < 6) {
			return BadRequest(new ErrorResult("Invalid form", "The password requires 6 or more characters."));
		}

		var username = request.Username.Trim();
		if (_context.Users.Any(c => c.Username == username)) {
			return BadRequest(new ErrorResult("Username is not available", "There is already a user registered with email: " + username));
		}

		var user = new User(username);
		user.HashAndSetPassword(request.Password);
		_context.Users.Add(user);
		await _context.SaveChangesAsync(cancellationToken);
		await _userService.LogInUser(HttpContext, user);
		return Ok();
	}
}