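# Accepts messages posted against a contest token and lets authorized users
# delete messages belonging to a contest.
class MessagesController < ApplicationController
  # create is reached without a session and identifies the contest by the
  # token in the request, so the CSRF token check is skipped for it only.
  skip_before_action :verify_authenticity_token, only: %i[ create ]
  # Order matters: set_message scopes its lookup to the contest loaded by set_contest.
  before_action :set_contest, only: %i[ destroy ]
  before_action :set_message, only: %i[ destroy ]

  # Creates a message for the contest identified by params[:token].
  #
  # Responds (JSON only) with 200 and an empty object on success, or 400 with
  # an error body when the token does not resolve to a contest or the message
  # cannot be saved.
  def create
    # NOTE(review): in the stock Rails authentication concern
    # allow_unauthenticated_access is a class-level macro; calling it per
    # request relies on an app-defined instance method. Confirm it exists and
    # that it really exempts this action.
    allow_unauthenticated_access
    # No per-record authorization here (presumably Pundit); possession of a
    # valid contest token is the only gate on this action.
    skip_authorization

    # Raises if the :message key is missing. The permitted hash is stored but
    # the attributes below are read from the top-level params, not from it.
    @message_params = message_params

    # nil when the token does not resolve to a contest.
    @contest = Contest.find_by_token_for(:token, params[:token])
    @message = Message.new(text: params[:text], time_seconds: params[:time_seconds], contest: @contest)

    if @contest && @message.save
      respond_to do |format|
        format.json { render json: {}, status: 200 }
      end
    else
      # NOTE(review): a failed save (e.g. validation) with a valid token also
      # lands here and is reported as "invalid contest token".
      respond_to do |format|
        format.json { render json: { error: "invalid contest token" }, status: 400 }
      end
    end
  end

  # Deletes a message of the contest given by params[:contest_id], after
  # authorizing the caller against that contest, then redirects to the contest.
  def destroy
    authorize @contest
    @message.destroy
    redirect_to contest_path(@contest)
  end

  private

  # Loads the contest named in the route; raises ActiveRecord::RecordNotFound if absent.
  def set_contest
    @contest = Contest.find(params[:contest_id])
  end

  # Loads the message only if it belongs to @contest. destroy authorizes the
  # caller against @contest alone, so an unscoped Message.find would let a
  # user who may manage one contest delete any message by id. A message from
  # another contest now raises ActiveRecord::RecordNotFound, the same error as
  # a missing id.
  # Assumes Message belongs_to :contest (create assigns contest: @contest).
  def set_message
    @message = Message.where(contest: @contest).find(params[:id])
  end

  # Strong-parameter filter for the nested :message payload.
  def message_params
    params.expect(message: [ :text, :time_seconds, :token ])
  end
end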