package com.vincent.rsf.openApi.controller.example;

import com.vincent.rsf.openApi.entity.dto.CommonResponse;
import com.vincent.rsf.openApi.security.utils.AuthUtils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

/**
 * App认证使用示例控制器
 * 
 * 演示如何在控制器中使用AppId认证
 * 
 * @author vincent
 * @since 2026-01-05
 */
@RestController
@RequestMapping("/example/auth")
@Api(tags = "App认证使用示例")
public class AppAuthExampleController {

    /**
     * 需要App认证的接口示例
     * 
     * @param request HTTP请求
     * @return 响应结果
     */
    @ApiOperation("需要App认证的接口示例")
    @GetMapping("/protected")
    public CommonResponse protectedEndpoint(HttpServletRequest request) {
        // 获取认证的AppId
        String appId = AuthUtils.getAppId(request);
        
        // 检查是否已认证
        if (appId == null) {
            return CommonResponse.error("未通过App认证");
        }
        
        return CommonResponse.ok()
                .setMsg("访问成功")
                .setData("认证的AppId: " + appId);
    }

    /**
     * 获取当前认证的App信息
     * 
     * @param request HTTP请求
     * @return App信息
     */
    @ApiOperation("获取当前认证的App信息")
    @GetMapping("/app-info")
    public CommonResponse getAppInfo(HttpServletRequest request) {
        String appId = AuthUtils.getAppId(request);
        
        if (appId == null) {
            return CommonResponse.error("未通过App认证");
        }
        
        return CommonResponse.ok()
                .setMsg("获取App信息成功")
                .setData("当前AppId: " + appId);
    }

    /**
     * 无需认证的公开接口
     * 
     * @return 响应结果
     */
    @ApiOperation("无需认证的公开接口")
    @GetMapping("/public")
    public CommonResponse publicEndpoint() {
        return CommonResponse.ok()
                .setMsg("公开接口访问成功")
                .setData("任何人都可以访问此接口");
    }

    /**
     * 检查认证状态
     * 
     * @param request HTTP请求
     * @return 认证状态
     */
    @ApiOperation("检查认证状态")
    @PostMapping("/check-auth")
    public CommonResponse checkAuth(HttpServletRequest request) {
        boolean isAuthenticated = AuthUtils.isAuthenticated(request);
        String appId = AuthUtils.getAppId(request);
        
        return CommonResponse.ok()
                .setMsg("认证检查完成")
                .setData("isAuthenticated: " + isAuthenticated + ", appId: " + appId);
    }
}