const httpz = @import("httpz");
const common = @import("common.zig");
const users_repo = @import("../repos/users_repo.zig");

/// Name of the cookie that carries the login token.
const token_cookie_name = "token";

/// Lifetime of the login cookie: 31 days, expressed in seconds.
const token_max_age_seconds = 31 * 24 * 60 * 60;

/// JSON request body accepted by `login`.
const Login = struct {
    email: []const u8,
    password: []const u8,
};

/// Checks the submitted credentials and, on success, stores a fresh login
/// token in the "token" cookie and writes the user value as the JSON response.
///
/// Returns `common.ServiceError.Forbidden` when `check_password` yields null.
/// Errors from body parsing, the repo calls and the response writer propagate.
///
/// NOTE(review): no attempt throttling or lockout is visible in this handler;
/// presumably it is enforced upstream or in `users_repo` — confirm.
pub fn login(env: *common.Env, req: *httpz.Request, res: *httpz.Response) !void {
    const credentials = try common.with_body(Login, req);

    const lookup = try users_repo.check_password(
        res.arena,
        env.conn,
        credentials.email,
        credentials.password,
    );
    // NOTE(review): presumably null covers both an unknown email and a wrong
    // password, so the reply does not reveal which one failed — confirm in
    // users_repo.
    const authenticated = lookup orelse return common.ServiceError.Forbidden;

    // The token is only generated once the password check has succeeded.
    const session_token = try users_repo.generate_login_token(
        res.arena,
        env.conn,
        credentials.email,
    );

    try res.setCookie(token_cookie_name, session_token, .{
        .max_age = token_max_age_seconds,
        // Must be true wherever the service is reached over HTTPS; otherwise
        // the token can travel over plain HTTP.
        .secure = env.secure_tokens,
        // Keeps the token out of reach of page scripts.
        .http_only = true,
        // The cookie is not attached to cross-site requests.
        .same_site = .strict,
    });

    // NOTE(review): the whole value returned by check_password is serialized;
    // verify it carries no password hash or other secret field.
    try res.json(authenticated, .{});
}

/// Ends the current session: removes the stored login token for the
/// authenticated user's email and expires the "token" cookie.
///
/// Returns `common.ServiceError.NotFound` when `env.user` is null, in which
/// case neither the repo nor the cookie is touched.
pub fn logout(env: *common.Env, _: *httpz.Request, res: *httpz.Response) !void {
    const current = if (env.user) |u| u else return common.ServiceError.NotFound;

    // Server-side removal comes first, so the cookie is only cleared once the
    // repo call has succeeded.
    // NOTE(review): removal is keyed by email, so it presumably drops every
    // token held for that account, not just this browser's — confirm.
    try users_repo.remove_login_token(env.conn, current.email);

    // Same attributes as at login, with an empty value and zero lifetime so
    // the browser discards the cookie.
    try res.setCookie(token_cookie_name, "", .{
        .max_age = 0,
        .secure = env.secure_tokens,
        .http_only = true,
        .same_site = .strict,
    });
}