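module Sis
  module Core
    # JSON endpoints for staff (User) and applicant sign-in, user creation and
    # the secret-question based password recovery flow.
    #
    # Every action answers with a +success+ flag; failures carry an +errors+
    # value in the body rather than a distinct HTTP status.
    class UsersController < ApplicationController
      # Attributes that must never be echoed back to a client.
      # NOTE(review): +password_digest+ assumes the model uses has_secure_password
      # with its default column name - confirm against the User model.
      SENSITIVE_USER_ATTRIBUTES = %w[
        password_digest reset_password_token reset_password_sent_at secret_question_answer
      ].freeze

      # These four actions run without the authenticate_request filter, so every
      # parameter they read is unauthenticated, untrusted input.
      # NOTE(review): no throttling or lockout is visible in this controller;
      # confirm it is enforced elsewhere for the credential and recovery actions.
      skip_before_action :authenticate_request, only: %i[login sign_in generate_recovery_token reset_password]
      before_action :set_user_service, only: %i[generate_recovery_token reset_password]

      # Authenticates an applicant by e-mail and password and returns a JWT.
      #
      # Reads params[:email] and params[:password]. Unknown e-mail and wrong
      # password share one error message so the response does not reveal which
      # of the two was wrong.
      def sign_in
        # Coerce to a String so a structured (array/hash) parameter cannot
        # change the shape of the lookup; a single query replaces the two
        # identical lookups the action used to issue.
        applicant = Applicant.find_by(email: params[:email].to_s)
        if applicant&.authenticate(params[:password])
          # NOTE(review): the payload carries name and e-mail; JWT claims are
          # usually only signed, not encrypted - confirm JsonWebToken.encode.
          token = JsonWebToken.encode({ id: applicant.id,
                                        first_name: applicant.first_name,
                                        middle_name: applicant.middle_name,
                                        last_name: applicant.last_name,
                                        email: applicant.email })
          render json: { success: true, jwt: token }
        else
          render json: { success: false, errors: ['Invalid username or password !'] }
        end
      end

      # Creates a User from the permitted +user+ parameters.
      #
      # On success the stored record is returned under +data+ with the
      # credential and recovery attributes stripped; on failure the model's
      # validation errors are returned.
      def create
        user = User.new(user_params)
        if user.save
          # Serialising the whole record would hand the password digest, the
          # recovery token and the secret answer back to the client.
          render json: { success: true, data: user.as_json(except: SENSITIVE_USER_ATTRIBUTES) }
        else
          render json: { success: false, errors: user.errors }
        end
      end

      # Authenticates a staff user by e-mail and password and returns a JWT
      # whose payload includes the names of the user's roles.
      def login
        # Same String coercion and single lookup as in sign_in.
        user = User.find_by(email: params[:email].to_s)
        if user&.authenticate(params[:password])
          token = JsonWebToken.encode({ id: user.id,
                                        first_name: user.first_name,
                                        last_name: user.last_name,
                                        roles: user.user_roles.map(&:name) })
          render json: { success: true, jwt: token }
        else
          render json: { success: false, errors: ['Invalid username or password !'] }
        end
      end

      # Issues a password reset token for the user matching both the e-mail
      # and the secret-question answer.
      #
      # NOTE(review): the token is returned in the response body, so the secret
      # answer is the only proof of identity in this flow; delivering the token
      # out-of-band would be stronger. The answer is matched by plain equality,
      # which suggests it is stored unhashed - confirm.
      def generate_recovery_token
        email = params[:email].to_s
        answer = params[:secret_question_answer].to_s
        # Both values must be present, scalar strings: a missing parameter would
        # otherwise be matched as NULL (accounts without a secret answer), and a
        # list parameter would be matched as a set of candidates.
        user = User.find_by(email: email, secret_question_answer: answer) unless email.empty? || answer.empty?
        if user
          @service.generate_password_token(user)
          render json: { success: true, token: user.reset_password_token, email: user.email }
        else
          render json: { success: false, errors: ['User not found !'] }
        end
      end

      # Sets a new password for the user owning params[:token], provided the
      # service still considers that user's token valid.
      def reset_password
        token = params[:token].to_s
        # A blank token must never select a record.
        user = User.find_by(reset_password_token: token) unless token.empty?
        if user && @service.password_token_valid?(user.id)
          # NOTE(review): presumably the service invalidates the token after
          # use - confirm in UserService#reset_password.
          @service.reset_password(user.id, params[:password])
          render json: { success: true }
        else
          render json: { success: false, errors: ["Link not valid or expired. \nTry generating a new link !"] }
        end
      end

      private

      # Strong parameters for user creation.
      #
      # The primary key and the recovery-token columns are deliberately not
      # permitted: they are server-managed, and accepting them from a request
      # would let a client choose its own reset token.
      def user_params
        params.require('user').permit(:first_name, :last_name, :email, :password,
                                      :secret_question, :secret_question_answer)
      end

      # Builds the service object used by the recovery actions.
      def set_user_service
        @service = UserService.new
      end
    end
  end
end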