elearning/Backend/src/controllers/UserController.ts

import { Get, Body, Post, Route, Tags, SuccessResponse, Response, Example, Controller, Security, Request, Put, UploadedFile } from 'tsoa';
import { ValidationError } from '../middleware/errorHandler';
import { UserService } from '../services/user.service';
import {
    UserResponse,
    ProfileResponse,
    ProfileUpdate,
    ProfileUpdateResponse,
    ChangePasswordRequest,
    ChangePasswordResponse,
    updateAvatarResponse,
    SendVerifyEmailResponse,
    VerifyEmailResponse
} from '../types/user.types';
import { ChangePassword } from '../types/auth.types';
import { profileUpdateSchema, changePasswordSchema } from "../validators/user.validator";

@Route('api/user')
@Tags('User')
export class UserController {
    private userService = new UserService();

    /**
     * Get current user profile
     * @summary Retrieve authenticated user's profile information
     * @param request Express request object with JWT token in Authorization header
     */
    @Get('me')
    @SuccessResponse('200', 'User found')
    @Response('404', 'User not found')
    @Response('401', 'Invalid or expired token')
    @Security('jwt')
    public async getMe(@Request() request: any): Promise<UserResponse> {
        // Extract token from Authorization header
        const token = request.headers.authorization?.replace('Bearer ', '');
        if (!token) {
            throw new ValidationError('No token provided');
        }
        return await this.userService.getUserProfile(token);
    }

    @Put('me')
    @Security('jwt')
    @SuccessResponse('200', 'Profile updated successfully')
    @Response('401', 'Invalid or expired token')
    @Response('400', 'Validation error')
    public async updateProfile(@Request() request: any, @Body() body: ProfileUpdate): Promise<ProfileUpdateResponse> {
        const { error } = profileUpdateSchema.validate(body);
        if (error) {
            throw new ValidationError(error.details[0].message);
        }
        const token = request.headers.authorization?.replace('Bearer ', '');
        if (!token) {
            throw new ValidationError('No token provided');
        }
        return await this.userService.updateProfile(token, body);
    }

    /**
     * Change password
     * @summary Change user password using old password
     * @param request Express request object with JWT token in Authorization header
     * @param body Old password and new password
     * @returns Success message
     */
    @Post('change-password')
    @Security('jwt')
    @SuccessResponse('200', 'Password changed successfully')
    @Response('401', 'Invalid old password or token')
    @Response('400', 'Validation error')
    public async changePassword(@Request() request: any, @Body() body: ChangePassword): Promise<ChangePasswordResponse> {
        const { error } = changePasswordSchema.validate(body);
        if (error) {
            throw new ValidationError(error.details[0].message);
        }

        const token = request.headers.authorization?.replace('Bearer ', '');
        if (!token) {
            throw new ValidationError('No token provided');
        }

        return await this.userService.changePassword(token, body.oldPassword, body.newPassword);
    }

    /**
     * Upload user avatar picture
     * @param request Express request object with JWT token in Authorization header
     * @param file Avatar image file
     */
    @Post('upload-avatar')
    @Security('jwt')
    @SuccessResponse('200', 'Avatar uploaded successfully')
    @Response('401', 'Invalid or expired token')
    @Response('400', 'Validation error')
    public async uploadAvatar(
        @Request() request: any,
        @UploadedFile() file: Express.Multer.File
    ): Promise<updateAvatarResponse> {
        const token = request.headers.authorization?.replace('Bearer ', '');
        if (!token) throw new ValidationError('No token provided');

        // Validate file type (images only)
        if (!file.mimetype?.startsWith('image/')) throw new ValidationError('Only image files are allowed');

        // Validate file size (max 5MB)
        const maxSize = 5 * 1024 * 1024; // 5MB
        if (file.size > maxSize) throw new ValidationError('File size must be less than 5MB');

        return await this.userService.uploadAvatarPicture(token, file);
    }

    /**
     * Send verification email to user
     * @summary Send email verification link to authenticated user's email
     * @param request Express request object with JWT token in Authorization header
     */
    @Post('send-verify-email')
    @Security('jwt')
    @SuccessResponse('200', 'Verification email sent successfully')
    @Response('401', 'Invalid or expired token')
    @Response('400', 'Email already verified')
    public async sendVerifyEmail(@Request() request: any): Promise<SendVerifyEmailResponse> {
        const token = request.headers.authorization?.replace('Bearer ', '');
        if (!token) throw new ValidationError('No token provided');
        return await this.userService.sendVerifyEmail(token);
    }

    /**
     * Verify email with token
     * @summary Verify user's email address using verification token
     * @param body Object containing the verification token
     */
    @Post('verify-email')
    @SuccessResponse('200', 'Email verified successfully')
    @Response('401', 'Invalid or expired verification token')
    @Response('400', 'Email already verified')
    public async verifyEmail(@Body() body: { token: string }): Promise<VerifyEmailResponse> {
        if (!body.token) throw new ValidationError('Verification token is required');
        return await this.userService.verifyEmail(body.token);
    }
}