JBear2/src/main/kotlin/at/eisibaer/jbear2/endpoint/AuthEndpoint.kt


package at.eisibaer.jbear2.endpoint
import at.eisibaer.jbear2.dto.auth.LoginDto
import at.eisibaer.jbear2.dto.auth.LoginResponseDto
import at.eisibaer.jbear2.model.Board
import at.eisibaer.jbear2.model.User
import at.eisibaer.jbear2.repository.UserRepository
import at.eisibaer.jbear2.security.jwt.JwtUtils
import at.eisibaer.jbear2.security.userdetail.UserDetailsImpl
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import org.springframework.http.HttpHeaders
import org.springframework.http.ResponseCookie
import org.springframework.http.ResponseEntity
import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.crypto.password.PasswordEncoder
import org.springframework.stereotype.Controller
import org.springframework.web.bind.annotation.PostMapping
import org.springframework.web.bind.annotation.RequestBody
import org.springframework.web.bind.annotation.RequestMapping
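/**
 * HTTP endpoints for account registration, login and logout, mounted under `/api/auth`.
 *
 * Login hands the session token to the client as a cookie produced by [JwtUtils];
 * logout answers with the "clean" cookie from the same helper.
 */
@Controller
@RequestMapping("/api/auth")
class AuthEndpoint(
    val authenticationManager: AuthenticationManager,
    val userRepository: UserRepository,
    val encoder: PasswordEncoder,
    val jwtUtils: JwtUtils,
) {
    private val log: Logger = LoggerFactory.getLogger(AuthEndpoint::class.java)

    val strResponseSuccess: String = "Sending back success response"

    /**
     * Registers a new account with the submitted username and password.
     *
     * @param loginDto credentials from the request body; the password is stored only
     *   after being passed through [encoder].
     * @return 400 with "Username already taken" when the name exists, otherwise 200.
     */
    @PostMapping("/signup")
    fun signupUser(@RequestBody loginDto: LoginDto): ResponseEntity<String> {
        log.info("Endpoint singupUser called")
        // NOTE(review): the username is client-controlled and logged verbatim; confirm the
        // log layout neutralises CR/LF so a crafted name cannot forge log entries.
        log.debug("signup Request with username: {}", loginDto.username)

        if (userRepository.existsByUsername(loginDto.username)) {
            log.info("Username was already taken")
            // Fix: the response was previously built but never returned, so execution fell
            // through and saved a second account under an existing username.
            return ResponseEntity.badRequest().body("Username already taken")
        }

        // NOTE(review): exists-then-save is not atomic; two concurrent signups can both pass
        // the check. Confirm the User table enforces a unique constraint on username.
        val encodedPassword = encoder.encode(loginDto.password)
        val user = User(loginDto.username, encodedPassword, ArrayList(), null, null)
        userRepository.save(user)

        log.info(strResponseSuccess)
        return ResponseEntity.ok().body("User registered successfully")
    }

    /**
     * Authenticates the submitted credentials and returns the JWT as a `Set-Cookie` header.
     *
     * Failed authentication surfaces as the exception thrown by
     * [AuthenticationManager.authenticate]; it is not caught here.
     *
     * @param loginDto username and password from the request body.
     * @return 200 with the username and profile picture filename of the authenticated user.
     */
    @PostMapping("/login")
    fun loginUser(@RequestBody loginDto: LoginDto): ResponseEntity<LoginResponseDto> {
        log.info("Endpoint loginUser called")
        log.debug("login Request with username: {}", loginDto.username)

        val credentials = UsernamePasswordAuthenticationToken(
            loginDto.username,
            loginDto.password,
        )
        val authentication = authenticationManager.authenticate(credentials)
        SecurityContextHolder.getContext().authentication = authentication

        val userDetails: UserDetailsImpl = authentication.principal as UserDetailsImpl
        // NOTE(review): cookie attributes (HttpOnly, Secure, SameSite, lifetime) are decided
        // inside JwtUtils, which is not visible here; verify them there.
        val jwtCookie = jwtUtils.generateJwtCookie(userDetails)

        log.info(strResponseSuccess)
        return ResponseEntity.ok()
            .header(HttpHeaders.SET_COOKIE, jwtCookie.toString())
            .body(LoginResponseDto(userDetails.username, userDetails.getProfilePictureFilename()))
    }

    /**
     * Logs the caller out by sending the clean JWT cookie from [JwtUtils].
     *
     * This method only replaces the cookie on the client. Whether an already issued token
     * is rejected afterwards depends on code outside this class; confirm if revocation is
     * required.
     *
     * @return 200 with the body "Logged out".
     */
    @PostMapping("signout")
    fun logoutUser(): ResponseEntity<String> {
        log.info("Endpoint logoutUser called")
        val cookie: ResponseCookie = jwtUtils.getCleanJwtCookie()

        log.info(strResponseSuccess)
        return ResponseEntity.ok()
            .header(HttpHeaders.SET_COOKIE, cookie.toString())
            .body("Logged out")
    }
}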