use actix_web::{web, HttpResponse, Responder};
use maud::html;
use serde::Deserialize;
use sqlx::PgPool;

use crate::utils::{password_change::PasswordChangeBuilder, ApplicationError};
use brass_db::{models::User, NoneToken};

#[derive(Deserialize)]
struct ChangePasswordForm {
    currentpassword: String,
    password: String,
    passwordretyped: String,
    dry: Option<bool>,
}

#[actix_web::post("/users/changepassword")]
async fn post(
    user: web::ReqData<User>,
    form: web::Form<ChangePasswordForm>,
    pool: web::Data<PgPool>,
) -> Result<impl Responder, ApplicationError> {
    // TODO: refactor into check if HX-TARGET = #password-strength exists
    let is_dry = form.dry.unwrap_or(false);

    let mut builder = PasswordChangeBuilder::<NoneToken>::new(
        pool.get_ref(),
        user.id,
        &form.password,
        &form.passwordretyped,
    )
    .with_current_password(&form.currentpassword);

    let change = builder.build();

    let response = if is_dry {
        change.validate_for_input().await?
    } else {
        change.validate().await?;
        change.commit().await?;
        HttpResponse::Ok().body(
            html! {
                div class="block" {
                    "Passwort erfolgreich geändert."
                }
            }
            .into_string(),
        )
    };

    Ok(response)
}