use based::auth::{User, UserRole};
use based::check_admin;
use based::request::api::{api_error, vec_to_api, FallibleApiResponse};
use rocket::get;
use rocket::post;
use rocket::serde::json::Json;
use serde::Deserialize;
use serde_json::json;

#[derive(Deserialize)]
pub struct LoginData {
    pub username: String,
    pub password: String,
}

#[post("/login", data = "<login>")]
pub async fn login_route(login: Json<LoginData>) -> FallibleApiResponse {
    let (ses, role) = User::login(&login.username, &login.password)
        .await
        .ok_or_else(|| api_error("Login failed"))?;

    Ok(json!({
        "token": ses.token,
        "role": role
    }))
}

#[derive(Deserialize)]
pub struct PasswdData {
    pub old: String,
    pub new: String,
}

#[post("/passwd", data = "<passwd>")]
pub async fn passwd_route(passwd: Json<PasswdData>, u: User) -> FallibleApiResponse {
    u.passwd(&passwd.old, &passwd.new)
        .await
        .map_err(|()| api_error("Password change failed"))?;

    Ok(json!({
        "ok": 1
    }))
}

#[get("/users")]
pub async fn users_route(u: User) -> FallibleApiResponse {
    check_admin!(u);

    let users: Vec<_> = vec_to_api(&User::find_all().await).await;

    Ok(json!({"users": users}))
}

#[post("/userCreate", data = "<user>")]
pub async fn user_create_route(user: Json<LoginData>, u: User) -> FallibleApiResponse {
    check_admin!(u);

    let new_user = User::create(&user.username, &user.password, UserRole::Regular)
        .await
        .unwrap();

    Ok(json!({"created": new_user.username}))
}