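using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using MyCore.DTO;
using MyCore.Models;
using MyCore.Services;

namespace MyCore.Controllers
{
    /// <summary>
    /// Exchanges an e-mail / password pair for an API token.
    /// The controller is <c>[Authorize]</c> by default; only the login action opts out.
    /// </summary>
    [Authorize]
    [Route("api/token")]
    [ApiController]
    public class TokenController : ControllerBase
    {
        private readonly TokenService _tokenService;
        private readonly UserService _userService;

        public TokenController(TokenService tokenService, UserService userService)
        {
            _tokenService = tokenService;
            _userService = userService;
        }

        /// <summary>
        /// Authenticates the caller and returns the matching user with a freshly generated token.
        /// </summary>
        /// <param name="tokenDTO">Credentials posted in the request body (e-mail and password).</param>
        /// <returns>
        /// The <see cref="UserInfo"/> with <c>Token</c> set on success; <c>400 Bad Request</c> for
        /// missing or wrong credentials. Every failure path returns the same response so the
        /// endpoint does not reveal whether an e-mail address is registered.
        /// </returns>
        [AllowAnonymous]
        [HttpPost]
        public ActionResult<UserInfo> ConnectUser([FromBody] TokenDTO tokenDTO)
        {
            // Reject missing credentials before any lookup: a null password must never be
            // compared against a stored null password (that comparison would succeed).
            if (tokenDTO == null
                || string.IsNullOrEmpty(tokenDTO.Email)
                || string.IsNullOrEmpty(tokenDTO.Password))
            {
                return BadRequest();
            }

            if (!IsValidUserAndPasswordCombination(tokenDTO.Email, tokenDTO.Password))
            {
                return BadRequest();
            }

            UserInfo user = _userService.GetUserByEmail(tokenDTO.Email);
            if (user == null)
            {
                // The two lookups (GetUsers / GetUserByEmail) disagreed; fail closed.
                return BadRequest();
            }

            user.Token = _tokenService.GenerateToken(tokenDTO.Email).ToString();

            // NOTE(review): UserInfo exposes a Password member (it is read below), so the
            // serialized response presumably includes it. Return a DTO without the
            // password, or exclude that member from serialization - confirm with the model.
            // NOTE(review): this anonymous endpoint shows no throttling or lockout here;
            // confirm brute-force protection is enforced elsewhere (middleware / gateway).
            return user;
        }

        /// <summary>
        /// Checks whether a user with the given e-mail exists and the supplied password matches.
        /// </summary>
        /// <param name="email">E-mail address identifying the account.</param>
        /// <param name="password">Password supplied by the caller.</param>
        /// <returns><c>true</c> only when both values are present and match a stored user.</returns>
        private bool IsValidUserAndPasswordCombination(string email, string password)
        {
            // Defensive: never let null/empty input match a user whose stored value is null/empty.
            if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
            {
                return false;
            }

            List<UserInfo> users = _userService.GetUsers();
            UserInfo user = users.FirstOrDefault(u => u.Email == email);
            if (user == null || string.IsNullOrEmpty(user.Password))
            {
                return false;
            }

            // NOTE(review): the stored value is compared directly with the submitted password,
            // which implies passwords are kept in clear text. Store a salted, slow hash
            // (e.g. PBKDF2) and verify against it with a fixed-time comparison instead.
            // A commented-out hard-coded test login was removed from this method; it remains
            // in version-control history, so rotate that credential if it was ever real.
            return string.Equals(user.Password, password, StringComparison.Ordinal);
        }
    }
}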