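namespace IOL.GreatOffice.Api.Endpoints.Internal.Account;

/// <summary>
/// Endpoint that lets the signed-in user change their own username and/or password.
/// </summary>
// NOTE(review): the angle-bracketed generic arguments on the base type and on the
// HandleAsync return type were missing from this listing. They are restored here as
// WithRequest<UpdatePayload> and Task<ActionResult>; confirm against RouteBaseAsync.
public class UpdateAccountRoute : RouteBaseAsync.WithRequest<UpdatePayload>.WithActionResult
{
    private readonly AppDbContext _context;

    /// <summary>
    /// Creates the route with the database context used to load and persist the user.
    /// </summary>
    /// <param name="context">Database context holding the Users set.</param>
    public UpdateAccountRoute(AppDbContext context) {
        _context = context;
    }

    /// <summary>
    /// Update the logged on user's data.
    /// </summary>
    /// <param name="request">Payload carrying the new password and/or the new username.</param>
    /// <param name="cancellationToken">Token passed to the final database save.</param>
    /// <returns>
    /// 401 (after signing the caller out) when no user row matches the logged-in id,
    /// 400 with an <c>ErrorResult</c> when the payload is empty or fails validation,
    /// otherwise 200 once the changes are saved.
    /// </returns>
    [HttpPost("~/_/account/update")]
    public override async Task<ActionResult> HandleAsync(UpdatePayload request, CancellationToken cancellationToken = default) {
        // Synchronous query inside an async handler; an async lookup that takes
        // cancellationToken would avoid blocking the request thread.
        var user = _context.Users.SingleOrDefault(c => c.Id == LoggedInUser.Id);
        if (user is null) {
            // The session refers to a user that no longer exists: drop the session.
            await HttpContext.SignOutAsync();
            return Unauthorized();
        }

        // NOTE(review): this handler reads only Password and Username from the payload,
        // so a credential change is authorised by the session alone. Requiring the
        // current password (or a fresh login) would limit what a stolen session can do.

        if (request.Password.IsNullOrWhiteSpace() && request.Username.IsNullOrWhiteSpace()) {
            return BadRequest(new ErrorResult("Invalid request", "No data was submitted"));
        }

        var hasPassword = request.Password.HasValue();
        var hasUsername = request.Username.HasValue();

        // Every field is validated before the tracked entity is touched, so a rejected
        // request neither hashes a password nor leaves a half-modified user in the
        // context. The order of the checks (password, then username) is unchanged.

        // NOTE(review): a 6-character minimum is below the 8 characters that
        // NIST SP 800-63B asks for; raising it also means updating the message below
        // and any client that mirrors this rule.
        if (hasPassword && request.Password.Length < 6) {
            return BadRequest(new ErrorResult("Invalid request", "The new password must contain at least 6 characters"));
        }

        if (hasUsername && !request.Username.IsValidEmailAddress()) {
            return BadRequest(new ErrorResult("Invalid request", "The new username does not look like a valid email address"));
        }

        if (hasPassword) {
            user.HashAndSetPassword(request.Password);
            // NOTE(review): nothing here revokes the user's other sessions after a
            // password change; confirm whether that is handled elsewhere.
        }

        if (hasUsername) {
            // NOTE(review): no uniqueness check on the new username is visible here and
            // the address is not verified; confirm that a unique constraint on the
            // username column exists.
            user.Username = request.Username.Trim();
        }

        await _context.SaveChangesAsync(cancellationToken);
        return Ok();
    }
}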