package authService

import (
	"context"
	"fmt"

	"git.farahty.com/nimer/go-mongo/app"
	"git.farahty.com/nimer/go-mongo/models"
	"go.mongodb.org/mongo-driver/bson"
)

func Login(ctx context.Context, loginInput *models.LoginInput) (*models.LoginResponse, error) {

	// todo : fix the security threats here
	filter := bson.D{
		{
			Key: "$or",
			Value: bson.A{
				bson.D{{Key: "phone", Value: loginInput.Identity}},
				bson.D{{Key: "email", Value: loginInput.Identity}},
			},
		},
	}

	user, err := app.FindOne[models.User](ctx, "users", filter)

	if err != nil {
		return nil, err
	}

	if !user.CheckPassword(loginInput.Password) {
		return nil, fmt.Errorf("incorrect password")
	}

	return successLogin(ctx, user)
}