using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using PruebaGentle.Core.DTOs;
using PruebaGentle.Core.Entities;
using PruebaGentle.Core.Interfaces;

namespace PruebaGentle.API.Controllers;

[ApiController]
[Route("api/[controller]")]
[Authorize]
public class UsersController : ControllerBase
{
    private readonly IUserRepository _userRepository;
    private readonly IPasswordHasher _passwordHasher;

    public UsersController(IUserRepository userRepository, IPasswordHasher passwordHasher)
    {
        _userRepository = userRepository;
        _passwordHasher = passwordHasher;
    }

    [HttpPost]
    public async Task<IActionResult> Create([FromBody] CreateUserDto dto)
    {
        var existingUser = await _userRepository.GetByUsernameAsync(dto.Username);
        if (existingUser != null)
            return BadRequest(new { error = "El username ya existe." });

        var user = new User
        {
            Username = dto.Username,
            PasswordHash = _passwordHasher.Hash(dto.Password),
            Email = dto.Email,
            NombreCompleto = dto.NombreCompleto
        };

        var created = await _userRepository.CreateAsync(user);

        return CreatedAtAction(nameof(GetById), new { id = created.Id }, MapToResponse(created));
    }

    [HttpGet]
    public async Task<IActionResult> GetAll()
    {
        var users = await _userRepository.GetAllAsync();
        return Ok(users.Select(MapToResponse));
    }

    [HttpGet("{id}")]
    public async Task<IActionResult> GetById(int id)
    {
        var user = await _userRepository.GetByIdAsync(id);
        if (user == null)
            return NotFound(new { error = "Usuario no encontrado." });

        return Ok(MapToResponse(user));
    }

    [HttpPut("{id}")]
    public async Task<IActionResult> Update(int id, [FromBody] UpdateUserDto dto)
    {
        var existing = await _userRepository.GetByIdAsync(id);
        if (existing == null)
            return NotFound(new { error = "Usuario no encontrado." });

        // Check username/email conflicts with other users
        var duplicateUser = await _userRepository.GetByUsernameAsync(dto.Username);
        if (duplicateUser != null && duplicateUser.Id != id)
            return BadRequest(new { error = "El username ya está en uso por otro usuario." });

        var user = new User
        {
            Id = id,
            Username = dto.Username,
            Email = dto.Email,
            NombreCompleto = dto.NombreCompleto
        };

        var updated = await _userRepository.UpdateAsync(user);
        return Ok(MapToResponse(updated!));
    }

    [HttpDelete("{id}")]
    public async Task<IActionResult> Delete(int id)
    {
        var existing = await _userRepository.GetByIdAsync(id);
        if (existing == null)
            return NotFound(new { error = "Usuario no encontrado." });

        await _userRepository.DeleteAsync(id);
        return NoContent();
    }

    private static UserResponseDto MapToResponse(User user)
    {
        return new UserResponseDto
        {
            Id = user.Id,
            Username = user.Username,
            Email = user.Email,
            NombreCompleto = user.NombreCompleto,
            FechaCreacion = user.FechaCreacion
        };
    }
}