namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests;

/// <inheritdoc />
public class CreateResetRequestRoute : RouteBaseAsync.WithRequest<string>.WithActionResult
{
	private readonly ILogger<CreateResetRequestRoute> _logger;
	private readonly ForgotPasswordService _forgotPasswordService;
	private readonly AppDbContext _context;

	/// <inheritdoc />
	public CreateResetRequestRoute(ILogger<CreateResetRequestRoute> logger, ForgotPasswordService forgotPasswordService, AppDbContext context) {
		_logger = logger;
		_forgotPasswordService = forgotPasswordService;
		_context = context;
	}

	/// <summary>
	/// Create a new password reset request.
	/// </summary>
	/// <param name="username"></param>
	/// <param name="cancellationToken"></param>
	/// <returns></returns>
	[AllowAnonymous]
	[HttpGet("~/_/forgot-password-requests/create")]
	public override async Task<ActionResult> HandleAsync(string username, CancellationToken cancellationToken = default) {
		if (!username.IsValidEmailAddress()) {
			_logger.LogInformation("Username is invalid, not doing request for password change");
			return BadRequest(new ErrorResult("Invalid email address", username + " looks like an invalid email address"));
		}

		Request.Headers.TryGetValue(AppHeaders.BROWSER_TIME_ZONE, out var timeZoneHeader);
		var tz = TimeZoneInfo.FindSystemTimeZoneById(timeZoneHeader.ToString().HasValue() ? timeZoneHeader.ToString() : "UTC");
		var offset = tz.BaseUtcOffset.Hours;

		// this is fine as long as the client is not connecting from Australia: Lord Howe Island
		// according to https://en.wikipedia.org/wiki/Daylight_saving_time_by_country
		if (tz.IsDaylightSavingTime(DateTime.UtcNow)) {
			offset++;
		}

		_logger.LogInformation("Request time zone (" + tz.Id + ") offset is: " + offset + " hours");
		var requestDateTime = TimeZoneInfo.ConvertTimeFromUtc(DateTime.UtcNow, tz);
		_logger.LogInformation("Creating forgot password request with date time: " + requestDateTime.ToString("u"));

		try {
			var user = _context.Users.SingleOrDefault(c => c.Username.Equals(username));
			if (user != default) {
				await _forgotPasswordService.AddRequestAsync(user, tz, cancellationToken);
				return Ok();
			}

			_logger.LogInformation("User was not found, not doing request for password change");
			return Ok();
		} catch (Exception e) {
			_logger.LogError(e, "ForgotAction failed badly");
			return Ok();
		}
	}
}