using GrossesMitainesAPI.Data;
using GrossesMitainesAPI.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;

namespace GrossesMitainesAPI.Controllers;
[EnableCors("_myAllowSpecificOrigins"), ApiController, Route("api/[controller]"),
 Authorize(AuthenticationSchemes = "Identity.Application", Roles = "Administrateur")]
public class UserController : Controller {
    private readonly UserManager<InventoryUser> _userMan;
    private readonly SignInManager<InventoryUser> _signInMan;
    private readonly ILogger<UserController> _logger;

    public UserController(ILogger<UserController> logger, SignInManager<InventoryUser> signin, UserManager<InventoryUser> userman) {
        _logger = logger;
        _signInMan = signin;
        _userMan = userman;
    }

    [HttpPost, AllowAnonymous]
    public async Task<ActionResult<ReturnUserViewModel>> Post(SignUpUserModel sign) {
        InventoryUser usr;
        try {
            usr = new(sign);
        } catch { 
            return BadRequest("Erreur utilisateur");
        }
        try {
            usr.PasswordHash = new PasswordHasher<InventoryUser>().HashPassword(usr, sign.Password);
        } catch {
            return BadRequest("Erreur de mot de passe.");
        }
        try {
            await _userMan.CreateAsync(usr);
            await _userMan.AddToRoleAsync(usr, "Client");
        } catch (Exception e) {
            return BadRequest(e.Message);
        }
        return new ReturnUserViewModel(usr, "Client");
    }
}