/**
 * Authentication utilities for E2E tests.
 */

/**
 * Login as admin user via API and then navigate so the session cookie is in context.
 * More reliable than form submit + redirect for E2E.
 * @param {import('@playwright/test').Page} page
 * @param {string} identifier - Username (default test-admin)
 * @param {string} password - Password (default test-admin-password)
 * @returns {Promise<void>}
 */
export async function loginAsAdmin(page, identifier = 'test-admin', password = 'test-admin-password') {
  // Login via API so the session cookie is set in the browser context
  const response = await page.request.post('/api/auth/login', {
    data: { identifier, password },
  })

  if (!response.ok()) {
    const body = await response.body().catch(() => Buffer.from(''))
    throw new Error(`Login API failed ${response.status()}: ${body.toString()}`)
  }

  // Navigate to home so the app sees the session
  await page.goto('/')
  await page.waitForLoadState('domcontentloaded')
}

/**
 * Get session cookie from page context.
 * @param {import('@playwright/test').BrowserContext} context
 * @returns {Promise<string | null>} Session ID cookie value
 */
export async function getSessionCookie(context) {
  const cookies = await context.cookies()
  const sessionCookie = cookies.find(c => c.name === 'session_id')
  return sessionCookie?.value || null
}