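using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using ROLAC.API.DTOs.Expense;
using ROLAC.API.Services.Ai;

namespace ROLAC.API.Controllers;

/// <summary>
/// HTTP entry point for AI-assisted expense entry. Resolves an expense AI service through
/// <see cref="IExpenseAiServiceFactory"/> and returns its suggestion for the submitted text.
/// </summary>
[ApiController]
[Route("api/expense-ai")]
[Authorize]
// Open to any authenticated user — same audience as the expense-entry form, which any
// member filing a reimbursement can reach. The endpoint only reads the category catalog.
// NOTE(review): [Authorize] carries no role or policy, so every authenticated account can
// drive the AI service resolved by the factory. If that service is a metered or remote
// model, confirm that a per-user rate limit is applied somewhere in the pipeline.
public class ExpenseAiController : ControllerBase
{
    private readonly IExpenseAiServiceFactory _factory;

    /// <summary>Creates the controller with the factory used to resolve the AI service per request.</summary>
    /// <param name="factory">Factory that yields the expense AI service to call.</param>
    public ExpenseAiController(IExpenseAiServiceFactory factory) => _factory = factory;

    /// <summary>
    /// Asks the resolved AI service for a suggestion based on the submitted text and amount.
    /// </summary>
    /// <param name="request">Request body; its <c>Text</c> must be non-blank.</param>
    /// <param name="ct">Cancellation token passed on to the factory and to the service call.</param>
    /// <returns>
    /// 400 with "Text is required." when the text is null, empty or whitespace;
    /// otherwise 200 with the suggestion returned by the service.
    /// </returns>
    [HttpPost("assist")]
    public async Task<IActionResult> Assist([FromBody] ExpenseAiAssistRequest request, CancellationToken ct)
    {
        // The declared return type must carry a result: both branches return an action
        // result, which a bare Task cannot express.
        if (string.IsNullOrWhiteSpace(request.Text))
        {
            return BadRequest("Text is required.");
        }

        // NOTE(review): request.Text is caller-controlled and is handed to the AI service
        // unchanged. No length bound is visible here — confirm the DTO or the service caps
        // it, and that the service treats the text as data rather than as instructions.
        var service = await _factory.ResolveAsync(ct);
        var suggestion = await service.SuggestAsync(request.Text, request.Amount, ct);

        // NOTE(review): the suggestion is returned as-is; presumably the service constrains
        // it to known categories — verify, since clients should not trust free-form model output.
        return Ok(suggestion);
    }
}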