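const AuthService = require('../services/authService');
const { success, error } = require('../utils/response');

/**
 * HTTP handlers for login, registration, logout and account maintenance.
 *
 * Every handler takes the Express-style `(req, res)` pair, reads its input
 * from `req.body` / `req.session`, and answers through the shared
 * `success` / `error` response helpers. Credential checks and persistence
 * are delegated to `AuthService`, which is not visible from this file.
 */
class AuthController {
  /**
   * Authenticate a user and bind the identity to the session.
   *
   * @param {object} req - request; expects `id`, `password`, `role` in `req.body`.
   * @param {object} res - response.
   */
  static async login(req, res) {
    try {
      const { id, password, role } = req.body;
      if (!id || !password || !role) {
        return error(res, '请输入完整的登录信息', 400);
      }

      const user = await AuthService.login(id, password, role);

      // Issue a fresh session id at the privilege boundary so that a session
      // id known before authentication is never promoted to a logged-in
      // session (session fixation). Guarded because the session middleware
      // is configured outside this file.
      if (typeof req.session.regenerate === 'function') {
        await new Promise((resolve, reject) => {
          req.session.regenerate((regenErr) => (regenErr ? reject(regenErr) : resolve()));
        });
      }

      // Store the user in the session.
      // NOTE(review): `user` is stored and returned to the client as-is;
      // confirm AuthService.login strips the password hash and other secrets.
      req.session.user = user;

      success(res, { user }, '登录成功');
    } catch (err) {
      // The service reports bad credentials through this exact message.
      if (err.message === '用户名或密码错误') {
        return error(res, err.message, 401);
      }
      console.error('Login Error:', err);
      // Status code is whatever the `error` helper defaults to.
      error(res, '服务器错误');
    }
  }

  /**
   * Create a new account.
   *
   * @param {object} req - request; expects `id`, `name`, `password`, `role`
   *   and, for students and teachers, `class` in `req.body`.
   * @param {object} res - response.
   */
  static async register(req, res) {
    try {
      const { id, name, password, role, class: userClass } = req.body;
      if (!id || !name || !password || !role) {
        return error(res, '请填写所有必填字段', 400);
      }
      if ((role === 'student' || role === 'teacher') && !userClass) {
        return error(res, '学生和教师需要填写班级', 400);
      }

      // NOTE(review): the whole request body, including the client-chosen
      // `role`, is forwarded. Confirm AuthService.register allowlists the
      // fields it persists and restricts which roles may be self-registered.
      await AuthService.register(req.body);

      success(res, null, '注册成功');
    } catch (err) {
      // The service reports a duplicate id through this exact message.
      if (err.message === '用户ID已存在') {
        return error(res, err.message, 400);
      }
      console.error('Register Error:', err);
      error(res, '服务器错误');
    }
  }

  /**
   * Destroy the current session and clear its cookie.
   *
   * @param {object} req - request carrying the session to destroy.
   * @param {object} res - response.
   */
  static async logout(req, res) {
    req.session.destroy((err) => {
      if (err) {
        return error(res, '注销失败');
      }
      // Assumes 'session_cookie' is the cookie name configured for the
      // session middleware — confirm against the session setup.
      res.clearCookie('session_cookie');
      success(res, null, '注销成功');
    });
  }

  /**
   * Report the user stored in the session, if any.
   *
   * @param {object} req - request carrying the session.
   * @param {object} res - response.
   */
  static async getCurrentUser(req, res) {
    if (req.session.user) {
      success(res, { user: req.session.user });
    } else {
      // Deliberately not a 401: only `success: false` is returned so the
      // front end can branch on it easily.
      res.json({ success: false, message: '未登录' });
    }
  }

  /**
   * Change the password of the logged-in user.
   *
   * @param {object} req - request; expects `oldPassword` and `newPassword`
   *   in `req.body` and a logged-in `req.session.user`.
   * @param {object} res - response.
   */
  static async updatePassword(req, res) {
    // Without this guard an unauthenticated call throws on `.id` below and
    // is reported as a generic server error instead of an auth failure.
    const sessionUser = req.session && req.session.user;
    if (!sessionUser) {
      return error(res, '未登录', 401);
    }

    try {
      const userId = sessionUser.id;
      const { oldPassword, newPassword } = req.body;
      if (!oldPassword || !newPassword) {
        return error(res, '请提供原密码和新密码', 400);
      }

      await AuthService.updatePassword(userId, oldPassword, newPassword);

      success(res, null, '密码修改成功');
    } catch (err) {
      if (err.message === '原密码错误' || err.message === '用户不存在') {
        return error(res, err.message, 400);
      }
      console.error('Update Password Error:', err);
      error(res, '服务器错误');
    }
  }

  /**
   * Update the profile of the logged-in user and refresh the session copy.
   *
   * @param {object} req - request; `req.body` holds the fields to update and
   *   `req.session.user` identifies the account.
   * @param {object} res - response.
   */
  static async updateProfile(req, res) {
    // Same guard as updatePassword: answer 401 rather than a server error
    // when no user is bound to the session.
    const sessionUser = req.session && req.session.user;
    if (!sessionUser) {
      return error(res, '未登录', 401);
    }

    try {
      const userId = sessionUser.id;
      // NOTE(review): the request body is forwarded unfiltered. Confirm
      // AuthService.updateProfile allowlists updatable fields so that `id`,
      // `role` or `password` cannot be changed through this endpoint.
      const updateData = req.body;

      const updatedUser = await AuthService.updateProfile(userId, updateData);

      // Refresh the user information kept in the session.
      // NOTE(review): whatever the service returns is merged into the session
      // and echoed to the client; confirm it carries no credential fields.
      req.session.user = { ...req.session.user, ...updatedUser };

      success(res, { user: req.session.user }, '资料更新成功');
    } catch (err) {
      console.error('Update Profile Error:', err);
      error(res, '服务器错误');
    }
  }
}

module.exports = AuthController;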