package auth

import (
	"net/http"
	"task-track-backend/model"
	"task-track-backend/pkg/auth"

	"github.com/gin-gonic/gin"
	"golang.org/x/crypto/bcrypt"
)

func (h *AuthHandler) Login(c *gin.Context) {
	var loginData struct {
		Username string `json:"username" binding:"required"`
		Password string `json:"password" binding:"required"`
	}

	if err := c.ShouldBindJSON(&loginData); err != nil {
		c.JSON(http.StatusBadRequest, gin.H{
			"code":    400,
			"message": "Invalid request data",
			"error":   err.Error(),
		})
		return
	}

	// 查找用户
	var user model.User
	if err := h.db.Where("username = ?", loginData.Username).First(&user).Error; err != nil {
		c.JSON(http.StatusUnauthorized, gin.H{
			"code":    401,
			"message": "Invalid credentials",
		})
		return
	}

	// 验证密码
	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(loginData.Password)); err != nil {
		c.JSON(http.StatusUnauthorized, gin.H{
			"code":    401,
			"message": "Invalid credentials",
		})
		return
	}

	// 获取用户的默认组织ID（如果没有关联组织，使用0）
	var organizationID uint = 0
	var userOrg model.UserOrganization
	if err := h.db.Where("user_id = ?", user.ID).First(&userOrg).Error; err == nil {
		organizationID = userOrg.OrganizationID
	}

	// 生成 JWT token
	token, err := auth.GenerateToken(user.ID, user.Username, organizationID)
	if err != nil {
		c.JSON(http.StatusInternalServerError, gin.H{
			"code":    500,
			"message": "Failed to generate token",
			"error":   err.Error(),
		})
		return
	}

	c.JSON(http.StatusOK, gin.H{
		"code":    200,
		"message": "Login successful",
		"data": gin.H{
			"token": token,
			"user":  user,
		},
	})
}