package be.vandewalleh.routing

import be.vandewalleh.auth.SimpleJWT
import be.vandewalleh.auth.UsernamePasswordCredential
import be.vandewalleh.services.UserService
import io.ktor.application.call
import io.ktor.http.HttpStatusCode
import io.ktor.request.receive
import io.ktor.response.respond
import io.ktor.routing.Routing
import io.ktor.routing.post
import io.ktor.routing.route
import org.kodein.di.Kodein
import org.kodein.di.generic.instance
import org.mindrot.jbcrypt.BCrypt

fun Routing.login(kodein: Kodein) {
    val simpleJwt by kodein.instance<SimpleJWT>()
    val userService by kodein.instance<UserService>()

    data class TokenResponse(val token: String)

    route("/login"){
        post {
            val credential = call.receive<UsernamePasswordCredential>()

            val (email, password) = userService.getEmailAndPasswordFromUsername(credential.username)
                ?: return@post call.respond(HttpStatusCode.Unauthorized)

            if (!BCrypt.checkpw(credential.password, password)) {
                return@post call.respond(HttpStatusCode.Unauthorized)
            }

            return@post call.respond(TokenResponse(simpleJwt.sign(email)))
        }
    }


}