package auth

import (
	"nixcn-cms/internal/exception"
	"nixcn-cms/service/service_auth"
	"nixcn-cms/tracer"
	"nixcn-cms/utils"

	"github.com/gin-gonic/gin"
)

// Token exchanges an authorization code for access and refresh tokens.
//
//	@Summary		Exchange Code for Token
//	@Description	Verifies the provided authorization code and issues a pair of JWT tokens (Access and Refresh).
//	@Tags			Authentication
//	@Accept			json
//	@Produce		json
//	@Param			payload	body		service_auth.TokenData								true	"Token Request Body"
//	@Success		200		{object}	utils.RespStatus{data=service_auth.TokenResponse}	"Successful token issuance"
//	@Failure		400		{object}	utils.RespStatus{data=nil}							"Invalid Input"
//	@Failure		403		{object}	utils.RespStatus{data=nil}							"Invalid or Expired Code"
//	@Failure		500		{object}	utils.RespStatus{data=nil}							"Internal Server Error"
//	@Router			/auth/token [post]
func (self *AuthHandler) Token(c *gin.Context) {
	ctx, span := tracer.StartSpan(
		c.Request.Context(),
		"api_auth",
		"token",
	)
	defer span.End()

	ctx = exception.ContextWithEndpoint(ctx, exception.EndpointAuthToken)
	ctx = exception.ContextWithService(ctx, exception.ServiceEndpoint)

	var tokenData service_auth.TokenData

	if err := c.ShouldBindJSON(&tokenData); err != nil {
		errorCode := exception.New(
			exception.WithStatus(exception.StatusUser),
			exception.WithType(exception.TypeCommon),
			exception.WithOriginal(exception.CommonErrorInvalidInput),
			exception.WithError(err),
		).Throw(ctx).String()

		utils.HttpResponse(c, 400, errorCode)
		return
	}

	result := self.svc.Token(&service_auth.TokenPayload{
		Context: ctx,
		Data:    &tokenData,
	})

	if result.Common.Exception.Original != exception.CommonSuccess {
		utils.HttpResponse(c, result.Common.HttpCode, result.Common.Exception.String())
		return
	}

	utils.HttpResponse(c, 200, result.Common.Exception.String(), result.Data)
}