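using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Mvc;
using System.Security.Claims;

namespace HyperBooru.Controllers;

/// <summary>
/// Cookie-based sign-in and sign-out endpoints, routed at the site root
/// (<c>POST /Login</c> and <c>POST /Logout</c>).
/// </summary>
[ApiController]
[Route("/")]
public class LoginController : Controller
{
    private readonly IHttpContextAccessor httpContextAccessor;

    /// <summary>Creates the controller.</summary>
    /// <param name="httpContextAccessor">Accessor used to reach the current request's <see cref="HttpContext"/>.</param>
    public LoginController(IHttpContextAccessor httpContextAccessor) =>
        this.httpContextAccessor = httpContextAccessor;

    /// <summary>
    /// Checks the posted form credentials and, when they match, issues the
    /// authentication cookie for the caller.
    /// </summary>
    /// <param name="username">Account name taken from the form body.</param>
    /// <param name="password">Password taken from the form body.</param>
    /// <returns>200 OK after a successful sign-in; 403 when the credentials do not match.</returns>
    [HttpPost("Login")]
    public async Task<IActionResult> Login(
        [FromForm] string username,
        [FromForm] string password)
    {
        // NOTE(review): the only accepted credential pair is embedded in source, so
        // anyone who can read the repository or the compiled assembly can sign in as
        // "admin". Replace this comparison with a lookup against a user store that
        // keeps salted password hashes (PBKDF2/Argon2) and verify with a
        // constant-time comparison before this endpoint is exposed.
        // NOTE(review): no throttling or lockout is visible in this action; confirm
        // that failed attempts are rate limited and logged somewhere upstream.
        if (username != "admin" || password != "test")
        {
            return StatusCode(403);
        }

        // The identity is built only after the credentials were accepted, so a
        // rejected request never produces a principal.
        var claims = new Claim[]
        {
            new Claim(ClaimTypes.NameIdentifier, username)
        };
        var claimsIdentity = new ClaimsIdentity(
            claims, CookieAuthenticationDefaults.AuthenticationScheme);
        var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);

        // No scheme is passed, so the application's default sign-in scheme is used.
        await httpContextAccessor.HttpContext!.SignInAsync(claimsPrincipal);
        return Ok();
    }

    /// <summary>Signs the caller out of the application's default authentication scheme.</summary>
    // NOTE(review): both actions are cookie-authenticated form POSTs; confirm that
    // antiforgery validation or a SameSite cookie policy is configured for them.
    [HttpPost("Logout")]
    public async Task Logout() =>
        await httpContextAccessor.HttpContext!.SignOutAsync();
}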