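use actix_web::{HttpResponse, web};

use crate::api::response::{ApiEmptyResponse, ApiErrorResponse};
use crate::error::AppError;
use crate::service::AppService;
use crate::service::auth::reset_pass::ResetPasswordRequest;

// POST /api/v1/auth/reset-password: forwards the JSON body to the auth
// service and answers 200 with a fixed message when the service returns Ok.
//
// Plain `//` comments are used here (not `///`) so the OpenAPI summary and
// description below remain the only text published for this operation.
//
// The generic parameters on `web::Data`, `web::Json` and `Result` were
// missing from the listing; they are restored from the otherwise unused
// imports (`AppService`, `ResetPasswordRequest`, `AppError`).
//
// NOTE(review): the anti-enumeration guarantee described below is not
// enforced in this handler. It holds only if `auth_reset_password_request`
// returns Ok for unknown emails, rate-limited requests and delivery
// failures; any Err it returns is propagated by `?` and becomes a response
// a client can tell apart from the success case. Confirm against the service.
//
// NOTE(review): the response is sent only after the service call completes.
// If email delivery runs inline, response latency may differ between
// existing and non-existing accounts. Confirm that delivery is dispatched
// off the request path or that timing is otherwise equalized.
#[utoipa::path(
    post,
    path = "/api/v1/auth/reset-password",
    tag = "Auth",
    operation_id = "authRequestPasswordReset",
    summary = "Request password reset email",
    description = "Submit an email address to send a password reset link if it belongs to an active user. To prevent user enumeration, the business logic attempts to return success whether the email exists, rate limits are triggered, or email delivery fails. Internally, the endpoint enforces a 60-second cooldown and a daily limit of 5 requests per email.",
    request_body(
        content = ResetPasswordRequest,
        description = "The email address that should receive the password reset link.",
        content_type = "application/json"
    ),
    responses(
        (status = 200, description = "The request has been accepted; if the email exists, a reset email will be sent.", body = ApiEmptyResponse),
        (status = 500, description = "Rare unrecoverable server-side error.", body = ApiErrorResponse)
    )
)]
pub async fn handle(
    service: web::Data<AppService>,
    params: web::Json<ResetPasswordRequest>,
) -> Result<HttpResponse, AppError> {
    // Unwrap the extractor so the service receives the owned request value.
    let request = params.into_inner();

    // Only the documented "rare unrecoverable" failure should surface here;
    // every other outcome is expected to come back as Ok (see review notes).
    service.auth.auth_reset_password_request(request).await?;

    // The body is identical for every accepted request, so it carries no
    // signal about whether the address belongs to an account.
    Ok(HttpResponse::Ok().json(ApiEmptyResponse::ok("password reset request accepted")))
}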