package com.olhar.olharapi.application.usecase;

import com.olhar.olharapi.application.port.in.AuthenticateUserUseCase;
import com.olhar.olharapi.application.port.out.UserRepository;
import com.olhar.olharapi.domain.model.User;
import com.olhar.olharapi.infrastructure.security.JwtService;
import lombok.RequiredArgsConstructor;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

@Service
@RequiredArgsConstructor
public class AuthenticateUserService implements AuthenticateUserUseCase {

    private final UserRepository userRepository;
    private final PasswordEncoder passwordEncoder;
    private final JwtService jwtService;

    @Override
    public Result authenticate(Command command) {
        User user = userRepository.findByEmail(command.email())
                .orElseThrow(() -> new BadCredentialsException("Identifiants invalides"));

        if (!passwordEncoder.matches(command.password(), user.passwordHash())) {
            throw new BadCredentialsException("Identifiants invalides");
        }

        return new Result(user, jwtService.generateToken(user));
    }
}