using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;

namespace EnotaryoPH.Web.Common.Services
{
    public class SignInService : ISignInService
    {
        private readonly IHttpContextAccessor _httpContextAccessor;

        public SignInService(IHttpContextAccessor httpContextAccessor) => _httpContextAccessor = httpContextAccessor;

        public async Task SignInAsync(UserLogin userLogin)
        {
            ArgumentException.ThrowIfNullOrWhiteSpace(userLogin.Email);
            ArgumentException.ThrowIfNullOrWhiteSpace(userLogin.Role);
            ArgumentOutOfRangeException.ThrowIfEqual(Guid.Empty, userLogin.User_UID);

            var claims = new List<Claim>
            {
                new(ClaimTypes.NameIdentifier, userLogin.User_UID.ToString()),
                new(ClaimTypes.Name, userLogin.Email),
                new(ClaimTypes.Email, userLogin.Email),
                new(ClaimTypes.Role, userLogin.Role!)
            };
            var claimsIdentity = new ClaimsIdentity(
                claims, CookieAuthenticationDefaults.AuthenticationScheme);
            var authProperties = new AuthenticationProperties();

            await _httpContextAccessor.HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                new ClaimsPrincipal(claimsIdentity),
                authProperties);
        }

        public async Task SignOutAsync() => await _httpContextAccessor.HttpContext.SignOutAsync();
    }
}