use axum::{
    Json,
    extract::{Extension, State},
    http::StatusCode,
};
use shared_contracts::auth::{AuthMeResponse, AuthUserPayload, build_available_login_methods};

use crate::{
    api_response::json_success_body, auth::AuthenticatedAccessToken, http_error::AppError,
    request_context::RequestContext, state::AppState,
};

pub async fn auth_me(
    State(state): State<AppState>,
    Extension(request_context): Extension<RequestContext>,
    Extension(authenticated): Extension<AuthenticatedAccessToken>,
) -> Result<Json<serde_json::Value>, AppError> {
    let user_id = authenticated.claims().user_id().to_string();
    let user = state
        .password_entry_service()
        .get_user_by_id(&user_id)
        .map_err(|error| {
            AppError::from_status(StatusCode::INTERNAL_SERVER_ERROR).with_message(error.to_string())
        })?
        .ok_or_else(|| {
            AppError::from_status(StatusCode::UNAUTHORIZED)
                .with_message("当前登录态已失效，请重新登录")
        })?;

    Ok(json_success_body(
        Some(&request_context),
        AuthMeResponse {
            user: AuthUserPayload {
                id: user.user.id,
                username: user.user.username,
                display_name: user.user.display_name,
                phone_number_masked: user.user.phone_number_masked,
                login_method: user.user.login_method.as_str().to_string(),
                binding_status: user.user.binding_status.as_str().to_string(),
                wechat_bound: user.user.wechat_bound,
            },
            available_login_methods: build_available_login_methods(
                state.config.sms_auth_enabled,
                state.config.wechat_auth_enabled,
            ),
        },
    ))
}