using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MealPlanner.Services;

namespace MealPlanner.Controllers;

[ApiController]
[Route("api/shopping")]
[Authorize]
public class ShoppingListController(ShoppingListService shoppingListService) : ControllerBase
{
    private string UserId => User.FindFirst("sub")?.Value ?? throw new UnauthorizedAccessException();

    [HttpGet("{mealPlanId:guid}")]
    public async Task<IActionResult> GetList(Guid mealPlanId)
    {
        try
        {
            var items = await shoppingListService.GetShoppingListAsync(mealPlanId, UserId);
            return Ok(items);
        }
        catch (UnauthorizedAccessException)
        {
            return Forbid();
        }
    }

    [HttpPut("{mealPlanId:guid}/check/{itemName}")]
    public async Task<IActionResult> ToggleCheck(Guid mealPlanId, string itemName)
    {
        try
        {
            var result = await shoppingListService.ToggleCheckAsync(mealPlanId, itemName, UserId);
            return Ok(result);
        }
        catch (KeyNotFoundException ex)
        {
            return NotFound(ex.Message);
        }
        catch (UnauthorizedAccessException)
        {
            return Forbid();
        }
    }
}