using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Caching.Memory;
using Moonlight.Api.Database;
using Moonlight.Api.Database.Entities;
using Moonlight.Api.Services;
using Moonlight.Shared;

namespace Moonlight.Api.Http.Controllers.Admin;

[ApiController]
[Route("api/admin/users/{id:int}")]
public class UserActionsController : Controller
{
    // Consider building a service for deletion and logout or actions in general
    
    private readonly DatabaseRepository<User> UsersRepository;
    private readonly IMemoryCache Cache;

    public UserActionsController(DatabaseRepository<User> usersRepository, IMemoryCache cache)
    {
        UsersRepository = usersRepository;
        Cache = cache;
    }

    [HttpPost("logout")]
    [Authorize(Policy = Permissions.Users.Logout)]
    public async Task<ActionResult> LogoutAsync([FromRoute] int id)
    {
        var user = await UsersRepository
            .Query()
            .FirstOrDefaultAsync(u => u.Id == id);
        
        if(user == null)
            return Problem("User not found", statusCode: 404);
        
        user.InvalidateTimestamp = DateTimeOffset.UtcNow;
        await UsersRepository.UpdateAsync(user);
        
        Cache.Remove(string.Format(UserAuthService.ValidationCacheKeyPattern, id));
        
        return NoContent();
    }
}