using RelayCore.Endpoints;
using RelayCore.Models;
using SurrealDb.Net;
using SurrealDb.Net.Models;

namespace RelayCore.Services;

public class APIAuthService(SurrealDbClient _db)
{
    
    public async Task<string> UserSigninAsync(AuthSignin request)
    {
        var hasher = new PasswordHasher();
        var users = await _db.Select<Users>("auth_users");
        var user = users.FirstOrDefault(x => (x.Username == request.UserName || x.Email == request.UserName) 
                                             && hasher.VerifyPassword(request.Password, x.Password));
        var tokens = await _db.Select<Sessions>("auth_sessions");
        var token = tokens.Where(x => x.UserId == user.Id && !x.Revoked).OrderByDescending(x => x.ExpiresAt).FirstOrDefault();
        if (token.ExpiresAt > DateTime.UtcNow)
            return token.TokenHash;
        
        //TODO: Generate TOKEN
        var newToken = hasher.HashPassword($"{user.Email}{user.Username}{user.Password}");
        //TODO: Store TOKEN and Username for verification
        var sessionId = await _db.Create<Sessions>(new Sessions
        {
            UserId = user.Id,
            TokenHash = newToken,
            IssuedAt = DateTime.UtcNow,
            ExpiresAt = DateTime.UtcNow.AddDays(30),
            DeviceName = "",
            Revoked = false,
            IpAddress = "",
            UserAgent = ""
        });
        //TODO: Add invalidation to TOKENs
        return newToken;
    }

    public async Task<string> UserRegisterAsync(AuthRegister request)
    {
        throw new NotImplementedException();
    }

    public async Task<bool> ServerVerifyUser(AuthUserVerify request)
    {
        throw new NotImplementedException();
    }
}