using MyCore.Interfaces.DTO;
using MyCore.Service.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Microsoft.Net.Http.Headers;
using NSwag.Annotations;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Threading.Tasks;

namespace MyCore.Service.Controllers
{
    /// <summary>
    /// Authentication controller
    /// </summary>
    [ApiController, Route("api/[controller]")]
    [Authorize]
    [OpenApiTag("Authentication", Description = "Authentication management")]
    public class AuthenticationController : ControllerBase
    {
        private readonly ILogger<AuthenticationController> _logger;
        private readonly TokensService _tokensService;

        /// <summary>
        /// Constructor
        /// </summary>
        /// <param name="logger">Logger</param>
        /// <param name="tokensService">Tokens service</param>
        public AuthenticationController(ILogger<AuthenticationController> logger, TokensService tokensService)
        {
            _logger = logger;
            _tokensService = tokensService;
        }

        private ActionResult<LoginDTO> Authenticate(string email, string password)
        {
            try
            {
                var token = _tokensService.Authenticate(email.ToLower(), password);

                return Ok(token);
            }
            /*catch (UnauthorizedAccessException ex)
            {
                _logger?.LogError(ex, $"Authentication error for user '{email}': unauthorized access");
                return Unauthorized(ex);
            }*/
            catch (Exception ex)
            {
                _logger?.LogError(ex, $"Authenticate error for user '{email}'");
                return Problem($"Authenticate error for user '{email}': {ex.Message}");
            }
        }

        /// <summary>
        /// Authenticate with form parameters (used by Swagger test client)
        /// </summary>
        /// <param name="tokenRequest">Swagger token request</param>
        /// <returns>Token descriptor</returns>
        [AllowAnonymous]
        [HttpPost("Token")]
        [Consumes("application/x-www-form-urlencoded")]
        [SwaggerResponse(HttpStatusCode.OK, typeof(LoginDTO), Description = "Success")]
        [SwaggerResponse(HttpStatusCode.Unauthorized, typeof(string), Description = "Invalid credentials")]
        [SwaggerResponse(HttpStatusCode.InternalServerError, typeof(string), Description = "Error")]
        public ActionResult<LoginDTO> AuthenticateWithForm([FromForm] SwaggerTokenRequest tokenRequest)
        {
            return Authenticate(tokenRequest.username, tokenRequest.password);
        }

        /// <summary>
        /// Authenticate with Json parameters (used by most clients)
        /// </summary>
        /// <param name="login">Login DTO</param>
        /// <returns>Token descriptor</returns>
        [AllowAnonymous]
        [HttpPost("Authenticate")]
        [Consumes("application/json")]
        [SwaggerResponse(HttpStatusCode.OK, typeof(LoginDTO), Description = "Success")]
        [SwaggerResponse(HttpStatusCode.Unauthorized, typeof(string), Description = "Invalid credentials")]
        [SwaggerResponse(HttpStatusCode.InternalServerError, typeof(string), Description = "Error")]
        public ActionResult<LoginDTO> AuthenticateWithJson([FromBody] LoginDTO login)
        {
            return Authenticate(login.Email.ToLower(), login.Password);
        }
    }
}