// Hands-On tutorial — MVC controller that backs the Header Action / Item
// Action endpoints. The FrontEnd Server hosts ASP.NET MVC controllers
// from any assembly in /app/Custom/ — register through routing.

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

namespace Acme.Mib.HandsOn.Controllers;

[ApiController]
// See the matching note in `AssetsController` — `[AllowAnonymous]`
// opts our plain `ControllerBase` subclass out of the BFF's
// WorkflowFactoryMiddleware, which would otherwise turn every
// Bearer-bearing request to /api/v2/* into a 401 (the shell's axios
// interceptor then bounces to /login). For real customer code that
// needs the authenticated identity, inherit from `ApiBaseController`
// instead and gain the proper `[Authorize(AuthenticationSchemes =
// Constants.API_SCHEME)]` wiring.
[AllowAnonymous]
[Route("api/v2/handson/movies")]
public sealed class MoviesController : ControllerBase
{
    private readonly ILogger<MoviesController> _log;

    public MoviesController(ILogger<MoviesController> log) => _log = log;

    // Header Action — re-index ALL movies.
    [HttpPost("reindex")]
    public IActionResult ReindexAll()
    {
        _log.LogInformation("Re-indexing all HANDSON_MOVIES");

        // Real implementation would push to a queue, schedule a job, etc.
        // For the tutorial we just simulate it and return a count.
        var affected = 42;

        return Ok(new { affected, status = "queued" });
    }

    // Item Action — re-index ONE movie.
    [HttpPost("{id:int}/reindex")]
    public IActionResult ReindexOne(int id)
    {
        _log.LogInformation("Re-indexing HANDSON_MOVIES.id={Id}", id);

        return Ok(new { id, status = "queued" });
    }
}