package api

import (
	"encoding/json"
	"errors"
	"log"
	"net/http"

	"gitea.mrixs.me/minecraft-platform/backend/internal/core"
	"gitea.mrixs.me/minecraft-platform/backend/internal/models"
)

type AuthHandler struct {
	Service *core.AuthService
}

// YggdrasilError - стандартный формат ошибки для authserver
type YggdrasilError struct {
	Error        string `json:"error"`
	ErrorMessage string `json:"errorMessage"`
}

func (h *AuthHandler) Authenticate(w http.ResponseWriter, r *http.Request) {
	var req models.AuthenticateRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		http.Error(w, "Invalid request body", http.StatusBadRequest)
		return
	}

	response, err := h.Service.Authenticate(r.Context(), req)
	if err != nil {
		if errors.Is(err, core.ErrInvalidCredentials) {
			w.Header().Set("Content-Type", "application/json")
			w.WriteHeader(http.StatusForbidden) // 403
			json.NewEncoder(w).Encode(YggdrasilError{
				Error:        "ForbiddenOperationException",
				ErrorMessage: "Invalid credentials. Invalid username or password.",
			})
			return
		}

		// Другие ошибки - внутренние
		log.Printf("internal server error during authentication: %v", err)
		http.Error(w, "Internal server error", http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK)
	json.NewEncoder(w).Encode(response)
}