using FastEndpoints;
using MetaCourse.Api.Data;
using MetaCourse.Api.DTOs.Users;
using Microsoft.EntityFrameworkCore;

namespace MetaCourse.Api.Endpoints.Users;

public class LoginEndpoint(AppDbContext db) : Endpoint<LoginUserDto, LoginResponseDto>
{
    public override void Configure()
    {
        Post("api/users/login");
        AllowAnonymous();
        Summary(s =>
        {
            s.Summary = "Connexion d'un utilisateur";
            s.Description = "Authentifie l'utilisateur avec email et mot de passe.";
        });
    }

    public override async Task HandleAsync(LoginUserDto req, CancellationToken ct)
    {
        var user = await db.Users.FirstOrDefaultAsync(u => u.Email == req.Email, ct);

        if (user is null || !BCrypt.Net.BCrypt.Verify(req.Password, user.PasswordHash))
        {
            AddError("Email ou mot de passe incorrect.");
            await SendErrorsAsync(401, ct);
            return;
        }

        await SendOkAsync(new LoginResponseDto
        {
            UserId = user.Id,
            Name = user.Name,
            Email = user.Email
        }, ct);
    }
}