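const router = require('express').Router()
const { randomBytes } = require('crypto')
const createJwt = require('../helpers/createJwt')
const User = require('../model/User')

/**
 * GET / - liveness probe. Replies with a fixed string and reads nothing
 * from the request.
 */
router.get('/', (_, res) =>
  res.send('Auth service is up.')
)

/**
 * POST /register - create a user together with its first session.
 *
 * Only email, password and device are copied from the request body, so a
 * client cannot set other fields of the user document through this route.
 * The refresh token is 32 bytes from crypto.randomBytes (a CSPRNG),
 * hex-encoded, placed on the new session and returned to the client.
 *
 * Responses:
 *   201 { sessionId, jwtToken, refreshToken }
 *   422 { error } when the save error carries `_message`
 *   409 { error } on error code 11000 (MongoDB duplicate key)
 *   400 { error } for any other failure
 *
 * NOTE(review): password and refreshToken are handed to the model as
 * received/generated; whether they are hashed before storage depends on the
 * User schema, which is not visible here - confirm.
 */
router.post('/register', async (req, res) => {
  const refreshToken = randomBytes(32).toString('hex')

  const newUser = new User({
    email: req.body.email,
    password: req.body.password,
    sessions: [{
      device: req.body.device,
      refreshToken,
    }],
  })

  try {
    const user = await newUser.save()
    const sessionId = user.sessions[0]._id
    const jwtToken = createJwt(user, sessionId)

    res.status(201).send({ sessionId, jwtToken, refreshToken })
  } catch (err) {
    if (err._message) {
      res.status(422).send({ error: err._message })
    } else if (err.code === 11000) {
      // This answer tells the caller that the address is already registered.
      res.status(409).send({ error: 'User with this email already exist' })
    } else {
      res.status(400).send({ error: 'Could not save the user' })
    }
  }
})

/**
 * POST /login - open a new session for an existing user.
 *
 * The whole request body goes to User.newSession, which returns the user and
 * a fresh refresh token; the newest entry of user.sessions supplies the
 * session id for the JWT.
 *
 * Responses:
 *   202 { sessionId, jwtToken, refreshToken }
 *   401 { error } for every failure, with one fixed message, so the response
 *       does not show which part of the login failed
 *
 * NOTE(review): req.body is passed through unfiltered. With a JSON body
 * parser its fields can be objects rather than strings; confirm that
 * User.newSession rejects non-string credentials before building a query.
 */
router.post('/login', async (req, res) => {
  try {
    const { user, refreshToken } = await User.newSession(req.body)
    const sessionId = user.sessions[user.sessions.length - 1]._id
    const jwtToken = createJwt(user, sessionId)

    res.status(202).send({ sessionId, jwtToken, refreshToken })
  } catch (err) {
    res.status(401).send({ error: 'Could not log in.' })
  }
})

/**
 * POST /refresh - rotate the refresh token of a session and issue a new JWT.
 *
 * User.checkRefreshToken receives the whole request body and must return the
 * user; User.refreshExistingToken must then return the new refresh token for
 * req.body.sessionId. A falsy result from either one ends in the 401 branch.
 *
 * Responses:
 *   201 { sessionId, jwtToken, refreshToken }
 *   401 { error } for every failure
 */
router.post('/refresh', async (req, res) => {
  try {
    const { sessionId } = req.body

    // Session ids leave this service as JSON strings. Anything else is
    // refused before it reaches the model helpers or the token.
    if (typeof sessionId !== 'string') throw new Error()

    const user = await User.checkRefreshToken(req.body)
    if (!user) throw new Error()

    const refreshToken = await User.refreshExistingToken({ user, sessionId })
    if (!refreshToken) throw new Error()

    // /register and /login pass the session id to createJwt; do the same
    // here so a refreshed token is built from the same inputs as a first one.
    // NOTE(review): createJwt is defined elsewhere - confirm how it uses the
    // second argument.
    const jwtToken = createJwt(user, sessionId)

    res.status(201).send({ sessionId, jwtToken, refreshToken })
  } catch (err) {
    // The detail stays in the server log; the client gets a fixed message.
    console.log(err)
    res.status(401).send({ error: 'Could not refresh token' })
  }
})

module.exports = router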