import { test, expect } from '../fixtures/auth.fixture'

/**
 * P0: 认证 API 测试
 *
 * 测试 LeaiAuthController 的两个接口：
 * - GET /leai-auth/token（iframe 主入口）
 * - GET /leai-auth/refresh-token（Token 刷新）
 */

const API_BASE = process.env.API_BASE_URL || 'http://localhost:8580/api'

test.describe('乐读派认证 API', () => {

  test.describe('GET /leai-auth/token', () => {
    test('未登录 — 返回 401', async ({ request }) => {
      const resp = await request.get(`${API_BASE}/leai-auth/token`)
      expect(resp.status()).toBe(401)
    })

    test('已登录 — 返回 token + orgId', async ({ authedApi }) => {
      const resp = await authedApi.get(`${API_BASE}/leai-auth/token`)
      expect(resp.status()).toBe(200)

      const json = await resp.json()
      expect(json.code).toBe(200)
      expect(json.data).toBeDefined()

      const data = json.data
      expect(data).toHaveProperty('token')
      expect(data).toHaveProperty('orgId')
      expect(data.token).toBeTruthy()
      expect(data.orgId).toBeTruthy()
    })

    test('返回的 token 为非空字符串', async ({ authedApi }) => {
      const resp = await authedApi.get(`${API_BASE}/leai-auth/token`)
      const json = await resp.json()
      expect(typeof json.data.token).toBe('string')
      expect(json.data.token.length).toBeGreaterThan(10)
    })
  })

  test.describe('GET /leai-auth/refresh-token', () => {
    test('未登录 — 返回 401', async ({ request }) => {
      const resp = await request.get(`${API_BASE}/leai-auth/refresh-token`)
      expect(resp.status()).toBe(401)
    })

    test('已登录 — 刷新成功', async ({ authedApi }) => {
      const resp = await authedApi.get(`${API_BASE}/leai-auth/refresh-token`)
      expect(resp.status()).toBe(200)

      const json = await resp.json()
      expect(json.code).toBe(200)
      expect(json.data).toHaveProperty('token')
      expect(json.data).toHaveProperty('orgId')
    })

    test('连续两次刷新返回不同 token', async ({ authedApi }) => {
      const resp1 = await authedApi.get(`${API_BASE}/leai-auth/refresh-token`)
      const json1 = await resp1.json()

      // 短暂等待确保时间戳不同
      await new Promise((r) => setTimeout(r, 100))

      const resp2 = await authedApi.get(`${API_BASE}/leai-auth/refresh-token`)
      const json2 = await resp2.json()

      expect(json1.data.token).toBeTruthy()
      expect(json2.data.token).toBeTruthy()
      // 两次 token 应不同（每次换新 session）
      expect(json1.data.token).not.toBe(json2.data.token)
    })
  })
})