// The Lucia project.
// Copyright 2024-2026 DSP, inc.  All rights reserved.
// Authors:
//   cindy.chang@dsp.im (Cindy Chang), 2024/06/11
//   imacat.yang@dsp.im (imacat), 2026/03/05

import { setupApiIntercepts } from "../support/intercept";

describe("Paste URL login redirect", () => {
  it("After login with return-to param, redirects to the remembered page", () => {
    setupApiIntercepts();

    // Visit login page with a return-to query param (base64-encoded URL)
    const targetUrl =
      "http://localhost:4173/discover/conformance/log/1/conformance";
    const encodedUrl = btoa(targetUrl);
    cy.visit(`/login?return-to=${encodedUrl}`);

    // Fill in login form
    cy.get("#account").type("testadmin");
    cy.get("#password").type("password123");
    cy.get("form").submit();
    cy.wait("@postToken");

    // After login, the app should attempt to redirect to the return-to URL.
    // Since window.location.href is used (not router.push), we verify the
    // login form disappears and the token cookie is set.
    cy.getCookie("luciaToken").should("exist");
  });

  it("Login without return-to param redirects to /files", () => {
    setupApiIntercepts();
    cy.visit("/login");

    cy.get("#account").type("testadmin");
    cy.get("#password").type("password123");
    cy.get("form").submit();
    cy.wait("@postToken");

    cy.url().should("include", "/files");
  });

  it("Unauthenticated user cannot access inner pages", () => {
    setupApiIntercepts();
    // Override my-account to return 401 (simulate logged-out state)
    cy.intercept("GET", "/api/my-account", {
      statusCode: 401,
      body: { detail: "Not authenticated" },
    }).as("getMyAccountUnauth");

    cy.visit("/files");

    // Should be redirected to login page
    cy.url().should("include", "/login");
    cy.get("#account").should("exist");
    cy.get("#password").should("exist");
  });
});