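using Microsoft.AspNetCore.Mvc;
using Project.Application.DTOs.TwoFactorAuth;
using Project.Application.Interfaces;

namespace Project.Web.Controllers
{
    /// <summary>
    /// HTTP endpoints for two-factor authentication: requesting setup information
    /// for an account and validating a submitted code.
    /// </summary>
    /// <remarks>
    /// NOTE(review): no authorization attribute is visible on this controller or its
    /// actions. Unless a global filter or fallback policy (not shown in this file)
    /// covers these routes, both endpoints are reachable by unauthenticated callers.
    /// Confirm the intended access policy for each action.
    /// </remarks>
    [Route("api/[controller]")]
    [ApiController]
    public class TwoFactorAuthController : ControllerBase
    {
        // Services injected through the constructor.
        private readonly ITwoFactorAuthService _twoFactorAuthService;
        private readonly IUserService _userService;

        /// <summary>
        /// Creates the controller with the services it delegates to.
        /// </summary>
        /// <param name="twoFactorAuthService">Generates setup information and validates codes.</param>
        /// <param name="userService">Looks users up by e-mail address.</param>
        public TwoFactorAuthController(ITwoFactorAuthService twoFactorAuthService, IUserService userService)
        {
            _twoFactorAuthService = twoFactorAuthService;
            _userService = userService;
        }

        /// <summary>
        /// Generates two-factor setup information for the account with the given e-mail.
        /// </summary>
        /// <param name="email">E-mail address read from the request body.</param>
        /// <returns>
        /// 400 when the e-mail is missing or blank, 404 when no user matches it,
        /// otherwise 200 with the value returned by the setup service.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the target account is chosen by the request body, not by the
        /// caller's identity, so any caller who can reach this action can request setup
        /// information for any registered e-mail. Prefer resolving the account from the
        /// authenticated principal and confirming that the caller owns it.
        /// NOTE(review): the 404/200 split reveals whether an e-mail is registered.
        /// NOTE(review): presumably the setup information contains the shared secret;
        /// verify that calling this for an already enrolled account cannot replace or
        /// disclose an existing enrollment.
        /// </remarks>
        [HttpPost("setup")]
        public async Task<IActionResult> Setup([FromBody] string email)
        {
            // Reject blank input before it reaches the user lookup.
            if (string.IsNullOrWhiteSpace(email))
            {
                return BadRequest();
            }

            var user = await _userService.GetByEmailAsync(email);
            if (user is null)
            {
                return NotFound();
            }

            var setupInfo = await _twoFactorAuthService.GenerateSetupCodeAsync(email);
            return Ok(setupInfo);
        }

        /// <summary>
        /// Validates a two-factor code for the e-mail supplied in the request body.
        /// </summary>
        /// <param name="verifyDto">Carries the e-mail and the code to validate.</param>
        /// <returns>
        /// 400 when the body is missing, 401 when the service rejects the code,
        /// otherwise 200 with no payload.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no attempt limiting is visible here. One-time codes are short,
        /// so confirm that the service or middleware throttles or locks out repeated
        /// failures per account and per client.
        /// </remarks>
        [HttpPost("verify")]
        public async Task<IActionResult> Verify([FromBody] TwoFactorVerificationDto verifyDto)
        {
            // Guard against a missing body so the property reads below cannot throw.
            if (verifyDto is null)
            {
                return BadRequest();
            }

            var isValid = await _twoFactorAuthService.ValidateCodeAsync(verifyDto.Email, verifyDto.Code);
            if (!isValid)
            {
                return Unauthorized();
            }

            return Ok();
        }
    }
}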