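package handlers

import (
	"crypto/subtle"
	"encoding/json"
	"log"
	"net/http"
	"time"

	"github.com/golang-jwt/jwt/v5"
)

// JWTSecret is the HMAC key used to sign the tokens issued by Login.
//
// NOTE(review): the key is a literal committed with the source, so anyone who
// can read the repository or the built binary can mint tokens that verify
// under it. A real deployment should load the key from the environment or a
// secret store at startup and rotate it. The value is left unchanged here
// because replacing it invalidates every token already signed with it.
var JWTSecret = []byte("crm-go-secret-key")

// LoginRequest is the JSON body expected by Login.
type LoginRequest struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

// LoginResponse is the JSON body returned by Login on success.
type LoginResponse struct {
	Token string `json:"token"`
}

// AuthHandler serves the authentication endpoints.
type AuthHandler struct{}

// NewAuthHandler returns a new AuthHandler.
func NewAuthHandler() *AuthHandler {
	return &AuthHandler{}
}

// Login handles a login request. It accepts only POST, decodes a LoginRequest
// from the body, checks the credentials and, on success, replies with a
// LoginResponse carrying an HS256-signed JWT that expires after 24 hours.
//
// Responses: 405 for any other method, 400 for a body that cannot be decoded
// (including one larger than the size cap), 401 for wrong credentials and 500
// when the token cannot be signed.
func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
	// Upper bound on the request body. A login payload is tiny, so the cap only
	// stops a client from streaming an arbitrarily large body into the decoder.
	const maxBodyBytes = 1 << 20

	if r.Method != http.MethodPost {
		http.Error(w, "方法不允许", http.StatusMethodNotAllowed)
		return
	}

	r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)

	var req LoginRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		http.Error(w, "请求参数错误", http.StatusBadRequest)
		return
	}

	// NOTE(review): the only account is a fixed username and password compiled
	// into the binary. Production code should look the user up in a credential
	// store and verify a salted password hash; this handler also applies no
	// rate limit or lockout itself, so confirm one exists in front of it.
	//
	// Both comparisons always run and are combined bitwise, so the response
	// time does not reveal which field was wrong or how many leading bytes
	// matched.
	userOK := subtle.ConstantTimeCompare([]byte(req.Username), []byte("admin"))
	passOK := subtle.ConstantTimeCompare([]byte(req.Password), []byte("admin123"))
	if userOK&passOK != 1 {
		http.Error(w, "用户名或密码错误", http.StatusUnauthorized)
		return
	}

	// Build the token: the subject's username plus an expiry 24 hours from now.
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
		"username": req.Username,
		"exp":      time.Now().Add(time.Hour * 24).Unix(),
	})

	tokenString, err := token.SignedString(JWTSecret)
	if err != nil {
		http.Error(w, "无法生成Token", http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	// The body carries a bearer credential; keep it out of browser and proxy caches.
	w.Header().Set("Cache-Control", "no-store")

	// The status line is already committed when Encode fails, so the error can
	// only be recorded. The token itself is never logged.
	if err := json.NewEncoder(w).Encode(LoginResponse{Token: tokenString}); err != nil {
		log.Printf("login: writing response: %v", err)
	}
}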