package users

import (
	"errors"
	"server/internal/systemUtils"
	"time"

	"github.com/gofiber/fiber/v3"
	"gorm.io/gorm"
)

func UpdateUserPassword(db *gorm.DB, req UpdatePasswordRequest, uuid string) error {
	user := User{}
	if err := db.Where("uuid = ?", uuid).First(&user).Error; err != nil {
		if errors.Is(err, gorm.ErrRecordNotFound) {
			return fiber.NewError(fiber.StatusNotFound, "user not found")
		}
		return fiber.NewError(fiber.StatusInternalServerError, "failed to load user")
	}
	hashedPassword, err := systemUtils.HashPassword(req.Password)
	if err != nil {
		return fiber.NewError(fiber.StatusInternalServerError, "failed to secure password")
	}
	now := time.Now().UTC()
	if err := db.Model(&user).Updates(map[string]any{
		"password":   hashedPassword,
		"updated_at": now,
	}).Error; err != nil {
		return fiber.NewError(fiber.StatusInternalServerError, "failed to update password")
	}
	if err := db.Where("user_id = ?", user.ID).Delete(&Session{}).Error; err != nil {
		return fiber.NewError(fiber.StatusInternalServerError, "failed to revoke sessions")
	}
	return nil
}