use axum::Form;
use axum::http::StatusCode;
use axum::response::Html;
use axum::response::IntoResponse;
use axum::response::Redirect;

use crate::AuthSession;
use crate::UserCredentials;

pub async fn show_login() -> Html<String> {
    format!(
        r##"
        <!DOCTYPE html>
        <html>
            <body>
                <form action="/login" method="POST">
                    <input type="text" name="username"/>
                    <input type="password" name="password"/>
                    <input type="submit" />
                </form>
            </body>
        </html>
    "##
    )
    .into()
}

pub async fn do_login(
    mut auth_session: AuthSession,
    Form(creds): Form<UserCredentials>,
) -> impl IntoResponse {
    let user = match auth_session.authenticate(creds.clone()).await {
        Ok(Some(user)) => user,
        Ok(None) => return StatusCode::UNAUTHORIZED.into_response(),
        Err(_) => return StatusCode::INTERNAL_SERVER_ERROR.into_response(),
    };

    if auth_session.login(&user).await.is_err() {
        return StatusCode::INTERNAL_SERVER_ERROR.into_response();
    }

    Redirect::to("/protected").into_response()
}