use axum::{
    extract::{Extension, State},
    http::HeaderMap,
    response::IntoResponse,
};
use module_auth::LogoutAllSessionsInput;
use serde::Serialize;
use time::OffsetDateTime;

use crate::{
    api_response::json_success_body,
    auth::AuthenticatedAccessToken,
    auth_session::{
        attach_set_cookie_header, build_clear_refresh_session_cookie_header, map_logout_error,
    },
    http_error::AppError,
    request_context::RequestContext,
    state::AppState,
};

#[derive(Debug, Serialize)]
pub struct LogoutAllResponse {
    pub ok: bool,
}

pub async fn logout_all(
    State(state): State<AppState>,
    Extension(request_context): Extension<RequestContext>,
    Extension(authenticated): Extension<AuthenticatedAccessToken>,
) -> Result<impl IntoResponse, AppError> {
    state
        .auth_user_service()
        .logout_all_sessions(
            LogoutAllSessionsInput {
                user_id: authenticated.claims().user_id().to_string(),
            },
            OffsetDateTime::now_utc(),
        )
        .map_err(map_logout_error)?;

    let mut headers = HeaderMap::new();
    attach_set_cookie_header(
        &mut headers,
        build_clear_refresh_session_cookie_header(&state)?,
    );

    Ok((
        headers,
        json_success_body(Some(&request_context), LogoutAllResponse { ok: true }),
    ))
}