package cn.zyp.stusystem.controller;

import cn.dev33.satoken.stp.StpUtil;
import cn.zyp.stusystem.common.Result;
import cn.zyp.stusystem.constant.PermissionConstants;
import cn.zyp.stusystem.dto.LoginDTO;
import cn.zyp.stusystem.entity.User;
import cn.zyp.stusystem.service.UserService;
import cn.zyp.stusystem.vo.LoginResult;
import cn.zyp.stusystem.vo.UserVO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

@RestController
@RequestMapping("/api")
public class LoginController {

    @Autowired
    private UserService userService;

    @PostMapping("/login")
    public Result<LoginResult> login(@RequestBody LoginDTO loginDTO) {
        // 1. 根据用户名查询用户信息
        User user = userService.getByUsername(loginDTO.getUsername());

        // 2. 校验用户是否存在以及密码是否正确
        if(user == null || !user.getPassword().equals(loginDTO.getPassword())) {
            return Result.error(401, "用户名或密码错误");
        }

        // 3. SaToken登录（自动生成token）
        StpUtil.login(user.getId());

        // 4. 在Session中存储角色和权限
        StpUtil.getSession().set("role", user.getRole());
        List<String> permissions = PermissionConstants.ROLE_PERMISSIONS.get(user.getRole());
        StpUtil.getSession().set("permissions", permissions);

        // 5. 构建返回数据
        UserVO userVO = new UserVO();
        userVO.setId(user.getId());
        userVO.setUsername(user.getUsername());
        userVO.setRole(user.getRole());
        userVO.setName(user.getName());
        userVO.setPermissions(permissions);

        LoginResult loginResult = new LoginResult();
        loginResult.setToken(StpUtil.getTokenValue());
        loginResult.setUserInfo(userVO);

        return Result.success(loginResult);
    }
}