package kr.re.etri.autoflow.service;

import kr.re.etri.autoflow.models.RefreshToken;
import kr.re.etri.autoflow.payload.request.LoginRequest;
import kr.re.etri.autoflow.payload.response.UserInfoResponse;
import kr.re.etri.autoflow.security.jwt.JwtUtils;
import kr.re.etri.autoflow.security.services.RefreshTokenService;
import kr.re.etri.autoflow.security.services.UserDetailsImpl;
import lombok.RequiredArgsConstructor;
import org.springframework.http.ResponseCookie;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;

import java.util.HashMap;
import java.util.Map;

@Service
@RequiredArgsConstructor
public class AuthService {

    private final AuthenticationManager authenticationManager;
    private final JwtUtils jwtUtils;
    private final RefreshTokenService refreshTokenService;

    public Map<String, Object> authenticate(LoginRequest request) {
        Authentication authentication = authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(request.getUsername(), request.getPassword())
        );

        SecurityContextHolder.getContext().setAuthentication(authentication);
        UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal();

        // 기존 refresh token 제거
        refreshTokenService.deleteByUserId(userDetails.getId());

        // 새 JWT 및 RefreshToken 생성
        ResponseCookie jwtCookie = jwtUtils.generateJwtCookie(userDetails);
        RefreshToken refreshToken = refreshTokenService.createRefreshToken(userDetails.getId());
        ResponseCookie jwtRefreshCookie = jwtUtils.generateRefreshJwtCookie(refreshToken.getToken());

        UserInfoResponse userInfo = new UserInfoResponse(
                userDetails.getId(),
                userDetails.getUsername(),
                userDetails.getEmail(),
                userDetails.getAuthorities().stream()
                        .map(GrantedAuthority::getAuthority)
                        .toList()
        );

        Map<String, Object> response = new HashMap<>();
        response.put("userInfo", userInfo);
        response.put("jwtCookie", jwtCookie.toString());
        response.put("jwtRefreshCookie", jwtRefreshCookie.toString());

        return response;
    }
}