using Flawless.Communication.Request;
using Flawless.Communication.Response;
using Flawless.Server.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;

namespace Flawless.Server.Controllers;

[ApiController, Authorize, Route("api/admin")]
public class AdminUserController(
    UserManager<AppUser> userManager) : ControllerBase
{
    [HttpPost("user/delete/{username}")]
    public async Task<IActionResult> DeleteUserAsync(string username)
    {
        var user = await userManager.FindByNameAsync(username);
        
        if (user == null) return BadRequest(new FailedResponse("User does not exist!"));
        var result = await userManager.DeleteAsync(user);

        if (!result.Succeeded) return BadRequest(new FailedResponse(result.Errors));
        return Ok();
    }
    
    [HttpPost("user/enable/{username}")]
    public async Task<IActionResult> EnableUserAsync(string username)
    {
        var user = await userManager.FindByNameAsync(username);
        
        if (user == null) return BadRequest(new FailedResponse("User does not exist!"));
        var result = await userManager.SetLockoutEnabledAsync(user, false);

        if (!result.Succeeded) return BadRequest(new FailedResponse(result.Errors));
        return Ok();
    }
    
    [HttpPost("user/disable/{username}")]
    public async Task<IActionResult> DisableUserAsync(string username)
    {
        var user = await userManager.FindByNameAsync(username);
        
        if (user == null) return BadRequest(new FailedResponse("User does not exist!"));
        var result = await userManager.SetLockoutEnabledAsync(user, true);

        if (!result.Succeeded) return BadRequest(new FailedResponse(result.Errors));
        return Ok();
    }

    [HttpPost("user/reset_password")]
    public async Task<IActionResult> ResetPasswordAsync(ResetPasswordRequest r)
    {
        if (r.Identity == null) return BadRequest(new FailedResponse("Identity (User Id) is not set!"));
        var user = await userManager.FindByIdAsync(r.Identity);
        
        if (user == null) return BadRequest(new FailedResponse("Identity (User Id) does not exist!"));
        var resetToken = await userManager.GeneratePasswordResetTokenAsync(user);
        var result = await userManager.ResetPasswordAsync(user, resetToken, r.NewPassword);
        
        if (!result.Succeeded) return BadRequest(new FailedResponse(result.Errors));
        return Ok();
    }
    
}