<?php

namespace App\Controllers;

use App\Auth\UseCases\AuthenticateUser\AuthenticateUser;
use App\Auth\UseCases\AuthenticateUser\AuthenticateUserRequest;
use App\Auth\UseCases\CreateSession\CreateSession;
use App\Auth\UseCases\Logout\Logout;
use App\Exceptions\BadRequestException;
use App\Exceptions\UnauthorizedException;
use App\Http\Middleware\AuthMiddleware;
use App\User\UseCases\ConfirmUserEmail\ConfirmUserEmail;
use App\User\UseCases\ConfirmUserEmail\ConfirmUserEmailRequest;
use App\User\UseCases\SignupUser\SignupUser;
use App\User\UseCases\SignupUser\SignupUserRequest;
use App\User\User;
use DomainException;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Cookie;

class AuthController
{
    public function __construct(
        private SignupUser $signupUser,
        private ConfirmUserEmail $confirmUserEmail,
        private AuthenticateUser $authenticateUser,
        private CreateSession $createSession,
        private Logout $logoutUseCase,
    ) {}

    public function signup(Request $request): JsonResponse
    {
        try {
            $this->signupUser->execute(new SignupUserRequest(
                email: $request->input('email'),
                displayName: $request->input('displayName'),
            ));
        } catch (BadRequestException $exception) {
            return new JsonResponse(
                ['error' => $exception->getMessage()], 400,
            );
        } catch (DomainException $exception) {
            return new JsonResponse(
                ['error' => $exception->getMessage()], 409,
            );
        }

        return new JsonResponse(null, 201);
    }

    public function confirmEmail(Request $request): JsonResponse
    {
        try {
            $this->confirmUserEmail->execute(new ConfirmUserEmailRequest(
                token: $request->input('token'),
                password: $request->input('password'),
            ));
        } catch (BadRequestException $exception) {
            return new JsonResponse(
                ['error' => $exception->getMessage()], 400,
            );
        } catch (DomainException $exception) {
            return new JsonResponse(
                ['error' => $exception->getMessage()], 409,
            );
        }

        return new JsonResponse(null, 200);
    }

    public function login(Request $request): JsonResponse
    {
        try {
            $user = $this->authenticateUser->execute(
                new AuthenticateUserRequest(
                    email: $request->input('email'),
                    password: $request->input('password'),
                ),
            );
        } catch (BadRequestException $exception) {
            return new JsonResponse(
                ['error' => $exception->getMessage()], 400,
            );
        } catch (UnauthorizedException $exception) {
            return new JsonResponse(
                ['error' => $exception->getMessage()], 401,
            );
        }

        $session = $this->createSession->execute($user);

        $response = new JsonResponse([
            'user' => $this->buildUserPayload($user),
        ], 200);

        return $response->withCookie(Cookie::create(
            name: AuthMiddleware::COOKIE_NAME,
            value: $session->getToken(),
            expire: $session->getExpiresAt()->getTimestamp(),
            path: '/',
            domain: null,
            secure: false,
            httpOnly: true,
            raw: false,
            sameSite: Cookie::SAMESITE_LAX,
        ));
    }

    public function me(Request $request): JsonResponse
    {
        /** @var User $user */
        $user = $request->attributes->get('user');

        return new JsonResponse([
            'user' => $this->buildUserPayload($user),
        ], 200);
    }

    public function logout(Request $request): JsonResponse
    {
        $token = $request->cookie(AuthMiddleware::COOKIE_NAME);
        if (is_string($token) && $token !== '') {
            $this->logoutUseCase->execute($token);
        }

        $response = new JsonResponse(null, 204);

        return $response->withCookie(Cookie::create(
            name: AuthMiddleware::COOKIE_NAME,
            value: '',
            expire: 1,
            path: '/',
            domain: null,
            secure: false,
            httpOnly: true,
            raw: false,
            sameSite: Cookie::SAMESITE_LAX,
        ));
    }

    /**
     * @return array{
     *     id: int,
     *     email: string,
     *     displayName: string,
     *     isAdmin: bool
     * }
     */
    private function buildUserPayload(User $user): array
    {
        return [
            'id' => $user->getId(),
            'email' => $user->getEmail()->value(),
            'displayName' => $user->getDisplayName(),
            'isAdmin' => $user->isAdmin(),
        ];
    }
}