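using System.Globalization;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using AuthApi.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using SystemX.Core;
using SystemX.Core.Controller;
using SystemX.Core.Model.Auth;
using WebApi.Library.Config;

namespace AuthApi.Controllers
{
    /// <summary>
    /// Authentication endpoints: health probe, registration, login (JWT issuance), logout and token validation.
    /// </summary>
    /// <remarks>
    /// Configuration (<c>issuer</c>, <c>audience</c>, token secrets and lifetimes in minutes) is read through
    /// <c>_configService</c>, which is not declared here and is assumed to come from <see cref="CommonController"/>.
    /// Request and response bodies are deliberately not logged in full where they carry secrets: the
    /// <c>Register</c> and <c>Login</c> requests contain a password and the <c>Login</c> response contains both tokens.
    /// </remarks>
    [Tags("Auth")]
    [Route("api/auth")]
    [ApiController]
    [ApiExplorerSettings(IgnoreApi = false)]
    public class AuthController : CommonController
    {
        private readonly AuthService _authService;

        public AuthController(IServiceProvider serviceProvider, IHttpContextAccessor httpContextAccessor, AuthService authService)
            : base(serviceProvider, httpContextAccessor)
        {
            _authService = authService;
        }

        /// <summary>Liveness probe; always answers 200 with the body "Healthy".</summary>
        [HttpGet("health")]
        public IResult Health()
        {
            LogXnet.WriteLine($"[{GetRequestMethod()}:{GetMethodName()}] [Client IP:{GetClientIP()}] [RequestUrl:{GetRequestUrl()}]{Environment.NewLine}", LogXLabel.CONTROLLER);
            return Results.Ok("Healthy");
        }

        /// <summary>Creates a user account.</summary>
        /// <param name="request">Registration payload; <c>UserID</c> and <c>Password</c> must both be present.</param>
        /// <returns>
        /// 200 with a <see cref="RegisterResponse"/>. When <c>UserID</c> or <c>Password</c> is missing the service
        /// is not called and a default <see cref="RegisterResponse"/> is returned.
        /// </returns>
        [HttpPost("register")]
        [HttpPost("regisger")] // legacy misspelled route, kept so existing clients keep working
        public async Task<IResult> Register([FromBody] Register request)
        {
            Guid correlationId = Guid.NewGuid();
            // Only the user id is logged: the full body carries the plaintext password.
            LogXnet.WriteLine($"[Request][{GetRequestMethod()}:{GetMethodName()}][Client IP:{GetClientIP()}][RequestUrl:{GetRequestUrl()}]::({correlationId}){Environment.NewLine} UserID={request?.UserID}", LogXLabel.CONTROLLER);

            RegisterResponse response = new();
            if (request?.UserID != null && request?.Password != null)
            {
                response = await _authService.CreateUser(request);
            }

            LogXnet.WriteLine($"[Response]::({correlationId}){Environment.NewLine} {response.ToJson()}", LogXLabel.CONTROLLER);
            return Results.Ok(response);
        }

        /// <summary>Checks credentials and, on success, issues an access token and a refresh token.</summary>
        /// <param name="request">Login payload; the service is only consulted when both <c>UserID</c> and <c>Password</c> are present.</param>
        /// <returns>
        /// 200 with a <see cref="LoginResponse"/>. <c>EC</c> starts as <see cref="ERROR_CODE.EC_USER_LOGIN_FAILED"/>
        /// and is replaced by whatever <c>AuthService.SelectUser</c> returns; tokens are only set when that is <see cref="ERROR_CODE.EC_OK"/>.
        /// </returns>
        [HttpPost("login")]
        public async Task<IResult> Login([FromBody] Login request)
        {
            Guid correlationId = Guid.NewGuid();
            // Only the user id is logged: the full body carries the plaintext password.
            LogXnet.WriteLine($"[Request][{GetRequestMethod()}:{GetMethodName()}][Client IP:{GetClientIP()}][RequestUrl:{GetRequestUrl()}]::({correlationId}){Environment.NewLine} UserID={request?.UserID}", LogXLabel.CONTROLLER);

            LoginResponse response = new();
            response.UserID = request.UserID;
            response.EC = ERROR_CODE.EC_USER_LOGIN_FAILED;

            if (request.UserID != null && request.Password != null)
            {
                response = await _authService.SelectUser(request);
                if (response.EC == ERROR_CODE.EC_OK)
                {
                    // The advertised expiry is taken from the same instant written into the token's exp claim.
                    response.AccessToken = GenerateJwtToken(response, isRefreshToken: false, out DateTime accessExpiresAt);
                    response.AccessTokenExpired = accessExpiresAt.ToUnixTime();
                    response.RefreshToken = GenerateJwtToken(response, isRefreshToken: true, out _);
                }

                // Reached on failed logins too (RefreshToken is null then), as in the original flow;
                // presumably the service records the attempt — confirm against AuthService.UpdateLoginInfo.
                await _authService.UpdateLoginInfo(request, response.RefreshToken);
            }

            // The tokens are left out of the log line on purpose.
            LogXnet.WriteLine($"[Response]::({correlationId}){Environment.NewLine} UserID={response.UserID} EC={response.EC}", LogXLabel.CONTROLLER);
            return Results.Ok(response);
        }

        /// <summary>Ends the session described by <paramref name="request"/> via <c>AuthService.LogoutUser</c>.</summary>
        [HttpPost("logout")]
        public IResult Logout([FromBody] Logout request)
        {
            Guid correlationId = Guid.NewGuid();
            LogXnet.WriteLine($"[Request][{GetRequestMethod()}:{GetMethodName()}][Client IP:{GetClientIP()}][RequestUrl:{GetRequestUrl()}]::({correlationId}){Environment.NewLine} {request.ToJson()}", LogXLabel.CONTROLLER);

            var response = _authService.LogoutUser(request);

            LogXnet.WriteLine($"[Response]::({correlationId}){Environment.NewLine} {response.ToJson()}", LogXLabel.CONTROLLER);
            return Results.Ok(response);
        }

        /// <summary>
        /// Answers 200 when the caller presents a valid bearer token. The check is performed entirely by
        /// <see cref="AuthorizeAttribute"/> before the body runs; <paramref name="authToken"/> is currently not inspected.
        /// </summary>
        [Authorize]
        [HttpPost("validate")]
        public ActionResult Validate([FromBody] string authToken)
        {
            return Ok();
        }

        /// <summary>
        /// Validation parameters matching the access tokens produced by <see cref="GenerateJwtToken(LoginResponse, bool)"/>.
        /// Not referenced anywhere in this file yet.
        /// </summary>
        private TokenValidationParameters GetValidationParameters()
        {
            return new TokenValidationParameters
            {
                ValidateLifetime = true,
                ValidateAudience = true,
                ValidateIssuer = true,
                ValidIssuer = $"{_configService?.GetConfig()?.Auth?.issuer}",
                // Tokens are issued with Auth.audience; validating against Auth.issuer would reject every
                // token as soon as the two settings differ.
                ValidAudience = $"{_configService?.GetConfig()?.Auth?.audience}",
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(GetSigningSecret(isRefreshToken: false))),
            };
        }

        /// <summary>Builds a signed HS256 JWT for the user in <paramref name="loginResponseModel"/>.</summary>
        /// <param name="loginResponseModel">Supplies the <c>UserID</c> (name claim) and <c>RoleName</c> (role claim).</param>
        /// <param name="isRefreshToken">Selects the refresh-token secret and lifetime instead of the access-token ones.</param>
        /// <returns>The serialized token.</returns>
        private string GenerateJwtToken(LoginResponse loginResponseModel, bool isRefreshToken = false)
        {
            return GenerateJwtToken(loginResponseModel, isRefreshToken, out _);
        }

        /// <summary>
        /// Builds a signed HS256 JWT and also reports the expiry instant written into its <c>exp</c> claim,
        /// so callers can advertise exactly the same expiry they signed.
        /// </summary>
        /// <param name="loginResponseModel">Supplies the <c>UserID</c> (name claim) and <c>RoleName</c> (role claim).</param>
        /// <param name="isRefreshToken">Selects the refresh-token secret and lifetime instead of the access-token ones.</param>
        /// <param name="expiresAt">UTC expiry placed in the token.</param>
        /// <returns>The serialized token.</returns>
        /// <exception cref="InvalidOperationException">The secret or lifetime for the requested token kind is not configured.</exception>
        private string GenerateJwtToken(LoginResponse loginResponseModel, bool isRefreshToken, out DateTime expiresAt)
        {
            // NOTE(review): access and refresh tokens carry identical claims and differ only in signing secret and
            // lifetime, so keeping Auth.accessTokenSecret and Auth.refreshTokenSecret distinct is what stops one
            // kind from being accepted where the other is expected.
            var claims = new[]
            {
                new Claim(ClaimTypes.Name, $"{loginResponseModel.UserID}"),
                new Claim(ClaimTypes.Role, $"{loginResponseModel.RoleName}"),
            };

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(GetSigningSecret(isRefreshToken)));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
            expiresAt = DateTime.UtcNow.AddMinutes(GetExpiryMinutes(isRefreshToken));

            var token = new JwtSecurityToken(
                issuer: $"{_configService?.GetConfig()?.Auth?.issuer}",
                audience: $"{_configService?.GetConfig()?.Auth?.audience}",
                claims: claims,
                expires: expiresAt,
                signingCredentials: creds);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }

        /// <summary>Reads the HMAC secret for the requested token kind and refuses to sign with a missing one.</summary>
        /// <exception cref="InvalidOperationException">The configured secret is null or blank.</exception>
        private string GetSigningSecret(bool isRefreshToken)
        {
            string settingName = isRefreshToken ? "refreshTokenSecret" : "accessTokenSecret";
            string secret = isRefreshToken
                ? $"{_configService?.GetConfig()?.Auth?.refreshTokenSecret}"
                : $"{_configService?.GetConfig()?.Auth?.accessTokenSecret}";

            if (string.IsNullOrWhiteSpace(secret))
            {
                // Previously an absent secret silently became "" and the failure only surfaced inside the
                // JWT library at signing time; fail with a message that names the missing setting instead.
                throw new InvalidOperationException($"Auth.{settingName} is not configured.");
            }

            return secret;
        }

        /// <summary>Token lifetime in minutes for the requested token kind.</summary>
        /// <exception cref="InvalidOperationException">The value is missing, not numeric, or not positive.</exception>
        private double GetExpiryMinutes(bool isRefreshToken)
        {
            string settingName = isRefreshToken ? "refreshTokenExpires" : "accessTokenExpires";
            object? raw = isRefreshToken
                ? _configService?.GetConfig()?.Auth?.refreshTokenExpires
                : _configService?.GetConfig()?.Auth?.accessTokenExpires;

            double minutes;
            try
            {
                // Configuration is machine data: parse with the invariant culture, not the server's locale.
                minutes = Convert.ToDouble(raw, CultureInfo.InvariantCulture);
            }
            catch (Exception ex) when (ex is FormatException or InvalidCastException or OverflowException)
            {
                throw new InvalidOperationException($"Auth.{settingName} is not a number.", ex);
            }

            // Convert.ToDouble(null) yields 0, which previously produced tokens that were already expired.
            if (double.IsNaN(minutes) || minutes <= 0)
            {
                throw new InvalidOperationException($"Auth.{settingName} must be a positive number of minutes.");
            }

            return minutes;
        }
    }
}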