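using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Webshop.Application.DTOs.Auth;
using Webshop.Application.Services.Auth;

namespace Webshop.Api.Controllers.Auth // note the namespace
{
    /// <summary>
    /// Anonymous entry points for customer registration and for customer and
    /// admin login. Every action delegates to <see cref="IAuthService"/> and
    /// maps the result's <c>IsAuthSuccessful</c> flag to an HTTP status.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this controller shows no throttling or lockout on the
    /// anonymous endpoints; confirm that repeated failed attempts are limited
    /// in <see cref="IAuthService"/> or in middleware.
    /// </remarks>
    [ApiController]
    [Route("api/v1/[controller]")] // e.g. /api/v1/auth
    public class AuthController : ControllerBase
    {
        private readonly IAuthService _authService;

        /// <summary>Creates the controller with the authentication service it delegates to.</summary>
        /// <param name="authService">Service that performs registration and login.</param>
        /// <exception cref="ArgumentNullException"><paramref name="authService"/> is null.</exception>
        public AuthController(IAuthService authService)
        {
            _authService = authService ?? throw new ArgumentNullException(nameof(authService));
        }

        /// <summary>Registers a new customer account.</summary>
        /// <param name="request">Registration data bound from the request body.</param>
        /// <returns>
        /// 200 with the service result on success; 400 with the model state or
        /// with <c>{ Message }</c> when validation or registration fails.
        /// </returns>
        [HttpPost("register")] // /api/v1/auth/register (for customers)
        [AllowAnonymous] // anyone may register
        public async Task<IActionResult> Register([FromBody] RegisterRequestDto request)
        {
            // With [ApiController] the framework normally rejects an invalid model
            // before the action runs; the explicit check is kept in case that
            // filter is disabled in the application's configuration.
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            var result = await _authService.RegisterUserAsync(request);
            if (!result.IsAuthSuccessful)
            {
                // NOTE(review): ErrorMessage goes to an unauthenticated caller verbatim.
                // Confirm it does not reveal whether an account already exists.
                return BadRequest(new { Message = result.ErrorMessage });
            }

            return Ok(result);
        }

        /// <summary>Logs in a customer.</summary>
        /// <param name="request">Credentials bound from the request body.</param>
        /// <returns>
        /// 200 with the service result on success; 400 with the model state on
        /// invalid input; 401 with <c>{ Message }</c> when authentication fails.
        /// </returns>
        [HttpPost("login/customer")] // /api/v1/auth/login/customer (customer login)
        [AllowAnonymous]
        public async Task<IActionResult> LoginCustomer([FromBody] LoginRequestDto request)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            var result = await _authService.LoginUserAsync(request);
            if (!result.IsAuthSuccessful)
            {
                // NOTE(review): confirm ErrorMessage is the same for an unknown user
                // and for a wrong password, so the response does not confirm accounts.
                return Unauthorized(new { Message = result.ErrorMessage });
            }

            return Ok(result);
        }

        /// <summary>Logs in an administrator for the admin dashboard.</summary>
        /// <param name="request">Credentials bound from the request body.</param>
        /// <returns>
        /// 200 with the service result on success; 400 with the model state on
        /// invalid input; 401 with <c>{ Message }</c> when authentication fails.
        /// </returns>
        [HttpPost("login/admin")] // /api/v1/auth/login/admin (admin dashboard login)
        [AllowAnonymous]
        public async Task<IActionResult> LoginAdmin([FromBody] LoginRequestDto request)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The admin check is delegated entirely to LoginAdminAsync; this action
            // performs no role verification of its own.
            var result = await _authService.LoginAdminAsync(request);
            if (!result.IsAuthSuccessful)
            {
                // NOTE(review): confirm ErrorMessage does not distinguish "not an admin"
                // from "bad credentials" for unauthenticated callers.
                return Unauthorized(new { Message = result.ErrorMessage });
            }

            return Ok(result);
        }
    }
}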