using System.Security.Claims;
using MediatR;
using Web.Api.Extensions;
using Web.Api.Common;
using Microsoft.IdentityModel.JsonWebTokens;

namespace Web.Api.Endpoints.Auth;

internal sealed class Profile : IEndpoint
{
    public void MapEndpoint(IEndpointRouteBuilder app)
    {
        app.MapGet("api/auth/profile", async (
            ClaimsPrincipal user,
            ISender sender,
            CancellationToken ct
        ) => {
            var memberIDClaim = user.FindFirst(JwtRegisteredClaimNames.Sub)?.Value;

            if (!int.TryParse(memberIDClaim, out var memberID))
            {
                return Results.Unauthorized();
            }

            var query = new Application.Features.Auth.GetProfile.Query(memberID);
            var result = await sender.Send(query, ct);

            return result.Match(
                Results.Ok,
                CustomResults.Problem
            );
        })
        .WithTags("Auth")
        .RequireAuthorization();
    }
}