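using ColaFlow.Modules.Identity.Application.Dtos;
using ColaFlow.Modules.Identity.Domain.Aggregates.Tenants;
using ColaFlow.Modules.Identity.Domain.Aggregates.Users;
using ColaFlow.Modules.Identity.Domain.Repositories;
using MediatR;

namespace ColaFlow.Modules.Identity.Application.Commands.Login;

/// <summary>
/// Handles <see cref="LoginCommand"/>: resolves the tenant by slug, resolves the user by
/// e-mail inside that tenant, records the login and returns user/tenant details together
/// with an access token.
/// </summary>
/// <remarks>
/// SECURITY: this handler is a stub and does not authenticate anyone yet.
/// <list type="bullet">
/// <item>The submitted password is never checked, so knowing a tenant slug and an e-mail
/// address is enough for the request to succeed.</item>
/// <item>The returned access token is the constant string <c>"dummy-token"</c>, not a signed,
/// per-user token.</item>
/// </list>
/// Both gaps must be closed (the original note names <c>IPasswordHasher</c> and
/// <c>IJwtService</c> as the intended dependencies) before this endpoint is reachable by
/// untrusted callers.
/// </remarks>
// The type arguments follow from Handle: it takes a LoginCommand and returns a LoginResponseDto.
public class LoginCommandHandler : IRequestHandler<LoginCommand, LoginResponseDto>
{
    private readonly ITenantRepository _tenantRepository;
    private readonly IUserRepository _userRepository;

    // Note: In production, inject IPasswordHasher and IJwtService
    /// <summary>
    /// Creates the handler with the repositories used to look up tenants and users.
    /// </summary>
    /// <param name="tenantRepository">Repository used to resolve the tenant by slug.</param>
    /// <param name="userRepository">Repository used to resolve and update the user.</param>
    public LoginCommandHandler(
        ITenantRepository tenantRepository,
        IUserRepository userRepository)
    {
        _tenantRepository = tenantRepository;
        _userRepository = userRepository;
    }

    /// <summary>
    /// Processes a login request and builds the response DTO.
    /// </summary>
    /// <param name="request">The login command carrying tenant slug and e-mail.</param>
    /// <param name="cancellationToken">Token forwarded to every repository call.</param>
    /// <returns>User and tenant details plus the (currently placeholder) access token.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
    /// <exception cref="UnauthorizedAccessException">
    /// The tenant or the user could not be found. The same message is used for both cases so
    /// the response text does not reveal which lookup failed.
    /// </exception>
    public async Task<LoginResponseDto> Handle(LoginCommand request, CancellationToken cancellationToken)
    {
        ArgumentNullException.ThrowIfNull(request);

        // 1. Find tenant
        // NOTE(review): if TenantSlug.Create / Email.Create throw on malformed input, that error
        // will differ from "Invalid credentials" - confirm how callers surface it.
        var slug = TenantSlug.Create(request.TenantSlug);
        var tenant = await _tenantRepository.GetBySlugAsync(slug, cancellationToken);
        if (tenant is null)
        {
            throw new UnauthorizedAccessException("Invalid credentials");
        }

        // 2. Find user (scoped to the tenant resolved above)
        var email = Email.Create(request.Email);
        var user = await _userRepository.GetByEmailAsync(TenantId.Create(tenant.Id), email, cancellationToken);
        if (user is null)
        {
            throw new UnauthorizedAccessException("Invalid credentials");
        }

        // 3. Verify password - NOT IMPLEMENTED.
        // SECURITY: no credential check happens between the user lookup and the token below.
        // The intended check, as sketched by the original author, is
        //     PasswordHasher.Verify(request.Password, user.PasswordHash)
        // throwing UnauthorizedAccessException("Invalid credentials") on mismatch. It has to run
        // here, before RecordLogin(), so a failed attempt never updates the last-login time.
        // When the hasher is wired in, also run a verification against a fixed dummy hash on the
        // not-found paths above so response time does not reveal which accounts exist.
        // NOTE(review): neither tenant.Status nor user.Status is checked before the login is
        // recorded - confirm whether suspended or inactive accounts should be rejected here.

        // 4. Generate JWT token - NOT IMPLEMENTED (TODO: use IJwtService).
        // SECURITY: constant placeholder; it carries no identity, expiry or signature.
        var accessToken = "dummy-token";

        // 5. Update last login time
        user.RecordLogin();
        await _userRepository.UpdateAsync(user, cancellationToken);

        // 6. Return result
        return new LoginResponseDto
        {
            User = new UserDto
            {
                Id = user.Id,
                TenantId = tenant.Id,
                Email = user.Email.Value,
                FullName = user.FullName.Value,
                Status = user.Status.ToString(),
                AuthProvider = user.AuthProvider.ToString(),
                IsEmailVerified = user.EmailVerifiedAt.HasValue,
                LastLoginAt = user.LastLoginAt,
                CreatedAt = user.CreatedAt
            },
            Tenant = new TenantDto
            {
                Id = tenant.Id,
                Name = tenant.Name.Value,
                Slug = tenant.Slug.Value,
                Status = tenant.Status.ToString(),
                Plan = tenant.Plan.ToString(),
                SsoEnabled = tenant.SsoConfig != null,
                SsoProvider = tenant.SsoConfig?.Provider.ToString(),
                CreatedAt = tenant.CreatedAt,
                // Fall back to the creation time when the tenant has never been updated.
                UpdatedAt = tenant.UpdatedAt ?? tenant.CreatedAt
            },
            AccessToken = accessToken
        };
    }
}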