defmodule GenericRestServerWeb.UserTokenController do
  use GenericRestServerWeb, :controller

  alias GenericRestServer.Accounts
  alias GenericRestServer.Accounts.User

  action_fallback GenericRestServerWeb.FallbackController

  def log_in(conn, %{"user" => user_params}) do
    case Accounts.get_user_by_email_and_password(user_params["email"], user_params["password"]) do
      %User{} = user ->
        create_token(conn, user)

      _ ->
        conn
        |> put_status(:forbidden)
        |> render(:error, %{error: "No access for you!"})
    end
  end

  defp create_token(conn, user) do
    encoded_token = Accounts.create_user_api_token(user)

    updated_user = Map.put(user, :token, encoded_token)

    render(conn, :token, user: updated_user)
  end
end