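use crate::controllers::HttpResult;
use crate::extractors::auth_extractor::{AuthExtractor, AuthenticatedMethod};
use crate::users::{APIToken, APITokenID, BaseAPIToken};
use actix_web::{HttpResponse, web};

/// Create a new token
///
/// Flow, as implemented below:
/// 1. Requests that were themselves authenticated with an API token are
///    refused with `403 Forbidden`.
/// 2. The JSON body is decoded as a [`BaseAPIToken`] and validated with
///    `check()`; a validation error is returned as `400 Bad Request`.
/// 3. The token is created for the authenticated user's email and returned
///    as JSON with `200 OK`.
///
/// # Errors
///
/// Propagates failures from decoding the body and from `APIToken::create`.
pub async fn create(auth: AuthExtractor) -> HttpResult {
    // A token must not be able to mint further tokens: otherwise one leaked
    // token could be used to create additional credentials that outlive its
    // own revocation.
    if matches!(auth.method, AuthenticatedMethod::Token(_)) {
        return Ok(HttpResponse::Forbidden()
            .json("It is not allowed to create a token using another token!"));
    }

    let base = auth.decode_json_body::<BaseAPIToken>()?;

    // `check()` yields `Some(error)` when the submitted definition is invalid.
    if let Some(err) = base.check() {
        return Ok(HttpResponse::BadRequest().json(err));
    }

    let token = APIToken::create(&auth.as_ref().email, base).await?;

    // NOTE(review): the created token is serialized as-is, while `get_list`
    // blanks `secret` -- presumably this is the only response that carries the
    // secret; confirm, and keep this response body out of logs.
    Ok(HttpResponse::Ok().json(token))
}

/// Get the list of tokens of current user
///
/// The `secret` field of every token is replaced with an empty string before
/// serialization, so the listing does not return token secrets.
///
/// # Errors
///
/// Propagates failures from `APIToken::list_user`.
pub async fn get_list(auth: AuthExtractor) -> HttpResult {
    // NOTE(review): unlike `create`, this handler does not inspect
    // `auth.method`, so a token-authenticated request appears able to list the
    // user's tokens -- confirm this is intended.
    let tokens = APIToken::list_user(&auth.as_ref().email)
        .await?
        .into_iter()
        .map(|mut t| {
            // Never return the secret from the listing endpoint.
            t.secret = String::new();
            t
        })
        .collect::<Vec<_>>();

    Ok(HttpResponse::Ok().json(tokens))
}

/// Path parameters of the token deletion route.
#[derive(serde::Deserialize)]
pub struct TokenIDInPath {
    // Identifier of the token to delete, taken from the request path.
    id: APITokenID,
}

/// Delete an API access token
///
/// The token is loaded using the authenticated user's email together with the
/// id from the path, then deleted; `202 Accepted` is returned on success.
///
/// # Errors
///
/// Propagates failures from `APIToken::load` and from `delete`.
pub async fn delete(auth: AuthExtractor, path: web::Path<TokenIDInPath>) -> HttpResult {
    // NOTE(review): the id comes from the request path, so ownership has to be
    // enforced by `APIToken::load` -- presumably it only resolves tokens that
    // belong to the given email; verify against its implementation.
    // NOTE(review): unlike `create`, `auth.method` is not checked here, so a
    // token-authenticated request appears able to delete tokens -- confirm
    // this is intended.
    let token = APIToken::load(&auth.user.email, &path.id).await?;
    token.delete(&auth.user.email).await?;

    Ok(HttpResponse::Accepted().finish())
}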