<?php

declare(strict_types=1);

namespace App\Tests\Api\Session;

use App\Tests\AbstractApiTestCase;

/**
 * @internal
 */
class SessionProfileTest extends AbstractApiTestCase
{
    private const PASSWORD = 'secret123';

    public function testLoginSuccess(): void
    {
        $profile = $this->createProfile(password: self::PASSWORD);
        $client  = static::createClient();

        $client->request('POST', '/api/session/profile', [
            'json' => [
                'profileId' => $profile->getId(),
                'password'  => self::PASSWORD,
            ],
        ]);

        $this->assertResponseStatusCodeSame(200);
        $this->assertJsonContains([
            'id'        => $profile->getId(),
            'firstName' => 'Test',
            'lastName'  => 'User',
            'isActive'  => true,
        ]);
    }

    public function testLoginWrongPassword(): void
    {
        $profile = $this->createProfile(password: self::PASSWORD);
        $client  = static::createClient();

        $client->request('POST', '/api/session/profile', [
            'json' => [
                'profileId' => $profile->getId(),
                'password'  => 'wrong',
            ],
        ]);

        $this->assertResponseStatusCodeSame(401);
        $this->assertJsonContains(['message' => 'Mot de passe incorrect.']);
    }

    public function testLoginMissingPassword(): void
    {
        $profile = $this->createProfile(password: self::PASSWORD);
        $client  = static::createClient();

        $client->request('POST', '/api/session/profile', [
            'json' => [
                'profileId' => $profile->getId(),
            ],
        ]);

        $this->assertResponseStatusCodeSame(400);
        $this->assertJsonContains(['message' => 'Mot de passe requis.']);
    }

    public function testLoginMissingProfileId(): void
    {
        $client = static::createClient();
        $client->request('POST', '/api/session/profile', [
            'json' => [],
        ]);

        $this->assertResponseStatusCodeSame(400);
        $this->assertJsonContains(['message' => 'profileId est requis.']);
    }

    public function testLoginInactiveProfile(): void
    {
        $profile = $this->createProfile(password: self::PASSWORD, isActive: false);
        $client  = static::createClient();

        $client->request('POST', '/api/session/profile', [
            'json' => [
                'profileId' => $profile->getId(),
                'password'  => self::PASSWORD,
            ],
        ]);

        $this->assertResponseStatusCodeSame(401);
    }

    public function testLoginNoPasswordSet(): void
    {
        $profile = $this->createProfile();
        $client  = static::createClient();

        $client->request('POST', '/api/session/profile', [
            'json' => [
                'profileId' => $profile->getId(),
                'password'  => 'anything',
            ],
        ]);

        $this->assertResponseStatusCodeSame(403);
    }

    public function testGetActiveProfileAuthenticated(): void
    {
        $client = $this->createViewerClient();
        $client->request('GET', '/api/session/profile');

        $this->assertResponseIsSuccessful();
        $this->assertJsonContains(['isActive' => true]);
    }

    public function testGetActiveProfileUnauthenticated(): void
    {
        $client = $this->createUnauthenticatedClient();
        $client->request('GET', '/api/session/profile');

        $this->assertResponseStatusCodeSame(401);
        $this->assertJsonContains(['message' => 'Aucun profil actif.']);
    }

    public function testLogout(): void
    {
        $client = $this->createViewerClient();

        $client->request('DELETE', '/api/session/profile');
        $this->assertResponseIsSuccessful();
        $this->assertJsonContains(['success' => true]);

        $client->request('GET', '/api/session/profile');
        $this->assertResponseStatusCodeSame(401);
    }
}