import { Controller, Post, Put, Body } from '@nestjs/common'
import { ApiTags, ApiOperation, ApiUnauthorizedResponse } from '@nestjs/swagger'
import { LoginInputDto } from './dto/login-input.dto'
import { TokenRefreshPayload } from './dto/token.dto'
import { TokenService } from './token.service'

@ApiTags('token')
@Controller('api/token')
export class TokenController {
  constructor(private tokenService: TokenService) {}

  // TODO: 限制调用频率，避免暴力破解
  @ApiOperation({ summary: '登录用户' })
  @Post()
  async login(@Body() user: LoginInputDto) {
    return this.tokenService.login(user.email, user.password)
  }

  @ApiOperation({ summary: '刷新token' })
  @ApiUnauthorizedResponse({ description: 'Unauthorized' })
  @Put()
  async refreshToken(@Body() payload: TokenRefreshPayload) {
    return this.tokenService.refreshToken(payload.refreshToken)
  }
}