package com.paymentlink.controller.api;

import com.paymentlink.service.StripePaymentService;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.http.ResponseEntity;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.HashMap;
import java.util.Map;

@RestController
@RequestMapping("/api")
public class ConfigApiController {

    private final StripePaymentService stripePaymentService;

    public ConfigApiController(StripePaymentService stripePaymentService) {
        this.stripePaymentService = stripePaymentService;
    }

    /**
     * GET /api/csrf-token - Get CSRF token
     */
    @GetMapping("/csrf-token")
    public ResponseEntity<Map<String, String>> getCsrfToken(HttpServletRequest request) {
        Map<String, String> response = new HashMap<>();
        CsrfToken csrfToken = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
        // CSRF is disabled, return a dummy token for compatibility
        response.put("token", csrfToken != null ? csrfToken.getToken() : "csrf-disabled");
        return ResponseEntity.ok(response);
    }

    /**
     * GET /api/config/stripe-key - Get Stripe publishable key
     */
    @GetMapping("/config/stripe-key")
    public ResponseEntity<Map<String, Object>> getStripeKey() {
        Map<String, Object> response = new HashMap<>();
        response.put("success", true);
        response.put("publishableKey", stripePaymentService.getPublishableKey());
        return ResponseEntity.ok(response);
    }
}