defmodule SsoBsnWeb.UserSessionController do
  use SsoBsnWeb, :controller

  alias SsoBsn.Accounts
  alias SsoBsnWeb.UserAuth

  def login(conn, %{"token" => login_token}) do
    case Accounts.consume_login_token(login_token) do
      {:ok, user} ->
        conn
        |> UserAuth.log_in_user(user) # TODO: pass through remember-me value?
      {:error, error} ->
        dbg(error)
        conn
        |> put_flash(:error, "Invalid login token: #{inspect(error)}")
        |> redirect(to: ~p"/users/log_in")
    end
  end

  def delete(conn, _params) do
    conn
    |> put_flash(:info, "Logged out successfully.")
    |> UserAuth.log_out_user()
  end

  def check_auth(conn, _params) do
    user = conn.assigns[:current_user]
    conn
    |> put_resp_header("X-Auth-Username", user.username)
    |> json(%{
      username: user.username
    })
  end

  def redirect_next(conn, %{ "next" => next }) do
    conn |> redirect(external: next)
  end
end