package BeastBB::Controller::Login;

use 5.30.3;

use strict;
use warnings;

use Mojo::Base 'BeastBB::Controller';

sub GetLogin {
    my $self =shift;
    $self->render;
}

sub Login {
    my $self             = shift;
    my $user_manager     = BeastBB::DAO::UserManager->new( app => $self );
    my $username         = $self->param('username');
    my $password         = $self->param('password');
    my $wrong_auth_error = 'Credentials invalid or user not found.';
    return $self->reply->exception('Request not understood.')->rendered(400)
      if !defined $username || !defined $password;
    my $maybe_user = $user_manager->Get( username => $username );
    my $error_url  = Mojo::URL->new('/')->query( error => $wrong_auth_error );
    return $self->redirect_to($error_url)
      if $maybe_user->IsError
      || !$maybe_user->Content->CheckPasswordLogin( password => $password );
    $self->session->{username} = $username;
    return $self->redirect_to('/');
}
1;