using Entidades.Dto;
using Microsoft.AspNetCore.Mvc;
using Modelo;

namespace AlquilaFacil.Controllers;

[ApiController]
public class AccionesController: ControllerBase {
    
    //Reutilizo el loginDto pero no lleno el campo de contraseña
    [HttpPost("api/acciones")]
    public IActionResult ListarAccionesPorUsuario([FromBody] LoginDto email, [FromHeader(Name = "Auth")] string Auth) {
        if (email.Email == "" || email.Email == null) return BadRequest();
        
        if (Auth == "") return Unauthorized(new { esValido = false});

        bool esValido = RepositorioUsuarios.Singleton.CheckToken(email.Email, Auth);
        if (!esValido) return Unauthorized();

        var Permisos = RepositorioPermisos.Singleton.ListarPermisos(email.Email);
        Response.Headers["Content-Type"] = "application/json";
        return Ok(Permisos);
    }
}