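using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Web.Http;
using VECV_WebApi.Common;

namespace VECV_WebApi.Controllers.Global
{
    /// <summary>
    /// Issues a JWT to a caller that presents the configured credential pair
    /// (<c>JWTAuthId</c> / <c>JWTAuthPwd</c> in appSettings) via HTTP Basic authentication.
    /// </summary>
    /// <remarks>
    /// The token endpoint is anonymous by design, so it is the credential-guessing surface of the API.
    /// No throttling or lockout is visible in this file; confirm it is enforced upstream.
    /// </remarks>
    public class TokenJWTController : ApiController
    {
        /// <summary>
        /// Validates the Basic credentials on the request and returns a signed token for the user name.
        /// </summary>
        /// <returns>
        /// 200 with <c>{ token }</c> on success; 401 when the Authorization header is missing, is not
        /// the Basic scheme, or carries the wrong credentials; 400 when the Basic payload is malformed.
        /// </returns>
        [AllowAnonymous]
        [HttpPost]
        [Route("api/TokenJ-WT/token")]
        public IHttpActionResult GetToken()
        {
            var auth = Request.Headers.Authorization;

            // HTTP authentication scheme names are case-insensitive, so "basic" must be accepted too.
            if (auth == null || !string.Equals(auth.Scheme, "Basic", StringComparison.OrdinalIgnoreCase))
            {
                return ResponseMessage(Request.CreateResponse(HttpStatusCode.Unauthorized, "Missing Basic Auth"));
            }

            // A header of just "Basic" has a null parameter; reject it instead of letting
            // Convert.FromBase64String throw and surface as a 500.
            if (string.IsNullOrWhiteSpace(auth.Parameter))
            {
                return BadRequest("Invalid Basic Auth format");
            }

            byte[] credentialBytes;
            try
            {
                credentialBytes = Convert.FromBase64String(auth.Parameter);
            }
            catch (FormatException)
            {
                // Attacker-controlled input: malformed base64 is a client error, not a server fault.
                return BadRequest("Invalid Basic Auth format");
            }

            // Split on the FIRST colon only: the user-id cannot contain ':' but the password may,
            // so Split(':') would reject valid passwords.
            var credentials = Encoding.UTF8.GetString(credentialBytes);
            var separator = credentials.IndexOf(':');
            if (separator < 0)
            {
                return BadRequest("Invalid Basic Auth format");
            }

            var username = credentials.Substring(0, separator);
            var password = credentials.Substring(separator + 1);

            // TODO (from original author): replace this check with actual DB/user validation.
            if (!CheckUser(username, password))
            {
                return Unauthorized();
            }

            var token = JwtManager.GenerateToken(username);
            return Ok(new { token });
        }

        /// <summary>
        /// Checks a user name and password against the credential pair configured in appSettings.
        /// </summary>
        /// <param name="username">User name supplied by the caller.</param>
        /// <param name="password">Password supplied by the caller.</param>
        /// <returns>
        /// <c>true</c> only when both values match the configured pair; <c>false</c> otherwise,
        /// including when either setting is missing or empty (fail closed).
        /// </returns>
        /// <remarks>
        /// NOTE(review): this is a public method on an ApiController, so it may be routable as an
        /// action if convention-based routing is enabled (route configuration is not visible here).
        /// Consider [NonAction] or private once confirmed that no client depends on it.
        /// NOTE(review): the password is read from appSettings as plain text; the original author's
        /// intent ("should check in the database") is still open.
        /// </remarks>
        public bool CheckUser(string username, string password)
        {
            var expectedUser = ConfigurationManager.AppSettings["JWTAuthId"];
            var expectedPassword = ConfigurationManager.AppSettings["JWTAuthPwd"];

            // A missing key returns null; the original .ToString() call would throw here.
            // An empty configured secret must never authenticate an empty submission.
            if (string.IsNullOrEmpty(expectedUser) || string.IsNullOrEmpty(expectedPassword))
            {
                return false;
            }

            // Evaluate both comparisons (non-short-circuit '&') so the response time does not
            // reveal which of the two fields was wrong.
            bool userMatches = FixedTimeEquals(username, expectedUser);
            bool passwordMatches = FixedTimeEquals(password, expectedPassword);
            return userMatches & passwordMatches;
        }

        /// <summary>
        /// Ordinal string equality whose running time does not depend on where the first
        /// mismatching character is. The length of the inputs is not hidden.
        /// </summary>
        private static bool FixedTimeEquals(string left, string right)
        {
            if (left == null || right == null)
            {
                return false;
            }

            int diff = left.Length ^ right.Length;
            int shared = Math.Min(left.Length, right.Length);
            for (int i = 0; i < shared; i++)
            {
                diff |= left[i] ^ right[i];
            }

            return diff == 0;
        }
    }
}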