use axum::{
    Json,
    extract::{Extension, State},
    http::StatusCode,
};
use shared_contracts::auth::{AuthMeResponse, build_available_login_methods};

use crate::{
    api_response::json_success_body, auth::AuthenticatedAccessToken,
    auth_payload::map_auth_user_payload, http_error::AppError, request_context::RequestContext,
    state::AppState,
};

pub async fn auth_me(
    State(state): State<AppState>,
    Extension(request_context): Extension<RequestContext>,
    Extension(authenticated): Extension<AuthenticatedAccessToken>,
) -> Result<Json<serde_json::Value>, AppError> {
    let user_id = authenticated.claims().user_id().to_string();
    let user = state
        .password_entry_service()
        .get_user_by_id(&user_id)
        .map_err(|error| {
            AppError::from_status(StatusCode::INTERNAL_SERVER_ERROR).with_message(error.to_string())
        })?
        .ok_or_else(|| {
            AppError::from_status(StatusCode::UNAUTHORIZED)
                .with_message("当前登录态已失效，请重新登录")
        })?;

    Ok(json_success_body(
        Some(&request_context),
        AuthMeResponse {
            user: map_auth_user_payload(user.user),
            available_login_methods: build_available_login_methods(
                state.config.sms_auth_enabled,
                true,
                state.config.wechat_auth_enabled,
            ),
        },
    ))
}