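using System.Globalization;
using System.Security.Claims;
using System.Text.Json;
using Elements.Data;
using Elements.Data.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;

namespace Elements.Backend.Controllers;

/// <summary>
/// Exposes user records over HTTP. The single action only returns the record
/// that belongs to the authenticated caller.
/// </summary>
[ApiController]
[Route("[controller]/[action]")]
public class UserController : ControllerBase
{
    private readonly ApplicationDbContext _dbContext;

    /// <summary>Creates the controller with the database context it queries.</summary>
    /// <param name="dbContext">Context used to look up users.</param>
    public UserController(ApplicationDbContext dbContext)
    {
        _dbContext = dbContext;
    }

    /// <summary>
    /// Returns the user with the given id as a JSON string, but only when the
    /// caller's "id" claim matches that id.
    /// </summary>
    /// <param name="id">Id of the requested user, taken from the route.</param>
    /// <returns>
    /// 200 with the serialized user; 401 when the caller's "id" claim does not
    /// match <paramref name="id"/>; 500 when the claim is missing or no user
    /// row exists for the id.
    /// </returns>
    [HttpGet]
    [Authorize]
    [Route("/user/{id:int}")]
    public async Task<IActionResult> Users(int id)
    {
        // The return type and the claim element type are written out in full:
        // a bare Task cannot return a result and a non-generic IEnumerable
        // has no FirstOrDefault(predicate).
        IEnumerable<Claim> claims = User.Claims;
        string? currentUserId = claims.FirstOrDefault(claim => claim.Type == "id")?.Value;

        // An authenticated principal without an "id" claim is reported as a
        // server error (existing contract).
        if (currentUserId is null)
        {
            return StatusCode(StatusCodes.Status500InternalServerError);
        }

        // Object-level authorization: a caller may read only their own record.
        // The comparison is ordinal and the id is formatted with the invariant
        // culture so the server's current culture cannot affect the outcome.
        string requestedId = id.ToString(CultureInfo.InvariantCulture);
        if (!string.Equals(currentUserId, requestedId, StringComparison.Ordinal))
        {
            // NOTE(review): the caller is authenticated here, so 403 (Forbid())
            // describes this case better than 401; left unchanged because
            // clients may depend on the current status code.
            return Unauthorized();
        }

        User? user = await _dbContext.Users.FirstOrDefaultAsync(candidate => candidate.Id == id);

        // NOTE(review): a valid token whose user row no longer exists ends up
        // here; 404 may be a better fit than 500. Left unchanged.
        if (user is null)
        {
            return StatusCode(StatusCodes.Status500InternalServerError);
        }

        // NOTE(review): this serializes the whole User entity. The model is not
        // visible in this file; if it carries credential material (password
        // hash, salt, tokens) that data is sent to the client. Prefer mapping
        // to a response DTO that lists only the fields the client needs.
        string userJson = JsonSerializer.Serialize(user);
        return Ok(userJson);
    }
}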