use actix_session::Session;
use actix_web::{
    post,
    web::{self, ServiceConfig},
    HttpResponse, Responder,
};
use serde::Deserialize;

use crate::{error::ApiError, Database};

#[derive(Deserialize)]
struct LoginRequest {
    username: String,
    password: String,
}

pub fn setup(cfg: &mut ServiceConfig) {
    cfg.service(login);
}

#[post("/login")]
async fn login(
    db: web::Data<Database>,
    login_request: web::Json<LoginRequest>,
    session: Session,
) -> Result<impl Responder, ApiError> {
    let login_request = login_request.into_inner();

    let user_id = db
        .verify_local_user(&login_request.username, &login_request.password)
        .await?;

    session.insert("user", user_id)?;

    Ok(HttpResponse::Ok())
}