import {Controller, HTTPError, json, Session} from '@extollo/lib'
import {Inject, Injectable} from '@extollo/di'
import {User} from '../../../models/User.model'
import {HTTPStatus} from '@extollo/util'
import {LoginToken} from '../../../models/LoginToken.model'

/**
 * Login Controller
 *
 * Request handlers that bind a user to the session and that issue and
 * redeem login tokens.
 */
@Injectable()
export class Login extends Controller {
    @Inject()
    protected readonly session!: Session

    /**
     * Debug helper: binds the current session to the first user the query
     * returns and echoes that user back as JSON. No credential is checked.
     *
     * SECURITY: any client that can reach this handler is authenticated as
     * that user. Nothing in this method limits it to non-production
     * environments.
     * NOTE(review): confirm the route is registered only in development, or
     * is gated by configuration or middleware.
     * NOTE(review): the session is written to in place and is not rotated
     * here; confirm whether the framework regenerates it on an auth change.
     * NOTE(review): the whole User model is serialised into the response;
     * verify its JSON form omits sensitive columns.
     *
     * @returns JSON of the user, or `{ success: false, error }` when the
     *          query yields no user.
     */
    public async debugInjectUser() {
        const firstUser = await User.query().get().first()

        // Guard clause: nothing to bind the session to.
        if ( !firstUser ) {
            return json({
                success: false,
                error: 'No user found.',
            })
        }

        this.session.set('auth.user_id', firstUser.key())
        return json(firstUser)
    }

    /**
     * Issue a login token for the User bound to the current request.
     *
     * @throws HTTPError FORBIDDEN when the request carries no User.
     * @returns JSON of `token.toObject()`.
     *
     * NOTE(review): the token object is returned as-is; confirm that
     * `toObject()` exposes only the fields the client needs.
     */
    public async getLoginToken() {
        const hasBoundUser = this.request.hasKey(User)
        if ( !hasBoundUser ) {
            throw new HTTPError(HTTPStatus.FORBIDDEN)
        }

        const issued = await LoginToken.forUser(this.request.make(User))
        return json(issued.toObject())
    }

    /**
     * Exchange a login token (request input `token`) for an access token.
     *
     * @throws HTTPError http400 when `token` is missing, empty or not a string.
     * @throws HTTPError NOT_FOUND when no unredeemed token matches.
     * @returns JSON `{ token }` carrying the access token's value.
     *
     * NOTE(review): the lookup and `redeem()` are separate steps. Unless
     * `redeem()` re-checks `redeemed` atomically, two concurrent requests
     * could both pass the lookup; confirm in the LoginToken model.
     * NOTE(review): no expiry or attempt-rate check is visible in this
     * handler; presumably enforced in the model or middleware, verify.
     */
    public async redeemToken() {
        const submitted = this.request.input('token')

        // Accept only a non-empty string, so the query never sees another type.
        if ( typeof submitted !== 'string' || submitted.length === 0 ) {
            throw new HTTPError(HTTPStatus.http400, 'Invalid or missing token value.')
        }

        // Only tokens that have not yet been redeemed are eligible.
        const unredeemedQuery = LoginToken.query()
            .where('token', '=', submitted)
            .where('redeemed', '=', false)
        const pending = await unredeemedQuery.first()

        if ( !pending ) {
            throw new HTTPError(HTTPStatus.NOT_FOUND, 'Invalid token value.')
        }

        const granted = await pending.redeem()
        return json({ token: granted.token })
    }
}