class AuthController < ActionController::Base
  include ShopliftClient
  protect_from_forgery with: :exception

  def auth
    local_redirect_uri = if Rails.configuration.settings['verify_auth_with_current_url']
                           "#{root_url}auth/"
                         else
                           Rails.configuration.settings['authlift_redirect_uri']
                         end

    response = client.auth_code.get_token params[:code],
                                          redirect_uri: local_redirect_uri,
                                          scope: scope
    self.session_cookie = response.token
    previous_url = session[:previous_url]
    session.delete :previous_url
    redirect_to(previous_url || '/')
  end

  def destroy
    authenticate_user!
    return if current_user.blank?
    signouttoken = session_cookie
    session_cookie = nil

    redirect_to "#{Rails.configuration.settings['authlift_url']}users/sign_outx?signouttoken=#{signouttoken}"
  end

  def change_company
    authenticate_user!
    return if current_user.blank?
    new_company_code = params.except(:_method, :authenticity_token).permit(:new_company_code)[:new_company_code]

    signouttoken = session_cookie
    redirect_to "#{Rails.configuration.settings['authlift_url']}users/change_companyx/#{new_company_code}?change_company_token=#{signouttoken}"
  end
end