using Insight.Database;
using PlanTempus.Core;
using PlanTempus.Core.Sql;

namespace PlanTempus.Components.Users.Create
{
    public class CreateUserHandler(IDatabaseOperations databaseOperations, ISecureTokenizer secureTokenizer)
	{
		private readonly ISecureTokenizer _secureTokenizer;

		public async Task<CreateUserResponse> Handle(CreateUserCommand command)
		{
			using var db = databaseOperations.CreateScope(nameof(CreateUserHandler));
			try
			{
				var sql = @"
                    INSERT INTO system.users(email, password_hash, security_stamp, email_confirmed, 
                     access_failed_count, lockout_enabled, lockout_end, 
                     is_active, created_at, last_login_at)
                    VALUES(@Email, @PasswordHash, @SecurityStamp, @EmailConfirmed,
                     @AccessFailedCount, @LockoutEnabled, @LockoutEnd,
                     @IsActive, @CreatedAt, @LastLoginAt)
                    RETURNING id, created_at";

				var result = await db.Connection.QuerySqlAsync<UserCreationResult>(sql, new
				{
					Email = command.Email,
					PasswordHash = secureTokenizer.TokenizeText(command.Password),
					SecurityStamp = Guid.NewGuid().ToString("N"),
					EmailConfirmed = false,
					AccessFailedCount = 0,
					LockoutEnabled = true,
					LockoutEnd = (DateTime?)null,
					IsActive = command.IsActive,
					CreatedAt = DateTime.UtcNow,
					LastLoginAt = (DateTime?)null
				});

				var createdUser = result.First();

				db.Success();

				return new CreateUserResponse
				{
					Id = createdUser.Id,
					Email = command.Email,
					IsActive = command.IsActive,
					CreatedAt = createdUser.CreatedAt
				};
			}
			catch (Exception ex)
			{
				db.Error(ex);
				throw;
			}
		}

		private class UserCreationResult
		{
			public long Id { get; set; }
			public DateTime CreatedAt { get; set; }
		}
	}
}