using Hutopy.Infrastructure.Security;
using Hutopy.Modules.Identity.Data;

namespace Hutopy.Modules.Identity.Handlers;

[PublicAPI]
public record ChangeEmailRequest(
    string? Email);

[PublicAPI]
public class ChangeEmailHandler(
    UserManager userManager)
    : Endpoint<ChangeEmailRequest>
{
    public override void Configure()
    {
        Post("/api/users/email");
        Options(o => o.WithTags("Users"));
    }

    public override async Task HandleAsync(
        ChangeEmailRequest request,
        CancellationToken ct)
    {
        var user = await userManager.FindByIdAsync(HttpContext.User.GetUserId().ToString());

        if (user is null)
        {
            await SendNotFoundAsync(ct);
            return;
        }

        user.Email = request.Email;

        // TODO: check to see if identity resets the `email confirmed` flag - @jonathan
        var result = await userManager.UpdateAsync(user);

        if (result.Succeeded)
            await SendOkAsync(ct);
        else
            await SendUnauthorizedAsync(ct);
    }
}