using System.Web.Security;
using Portoa.Persistence;
using Portoa.Web.Security;
using Portoa.Web.Session;
using VideoGameQuotes.Api.Persistence;

namespace VideoGameQuotes.Web.Services {
	public class FormsAuthenticationService : IAuthenticationService {
		private readonly IUserRepository userRepository;
		private readonly ISessionStore sessionStore;

		public FormsAuthenticationService(IUserRepository userRepository, ISessionStore sessionStore) {
			this.userRepository = userRepository;
			this.sessionStore = sessionStore;
		}

		[UnitOfWork]
		public void Login(string username) {
			FormsAuthentication.SetAuthCookie(username, true);
			sessionStore["user"] = userRepository.FindByUsername(username);
		}

		public void Logout() {
			FormsAuthentication.SignOut();
			sessionStore["user"] = null;
		}

		[UnitOfWork]
		public bool IsValid(string username, string password) {
			var user = userRepository.FindByUsername(username);
			return user != null && user.VerifyPassword(password);
		}
	}
}