import {createRoute, OpenAPIHono, z} from "@hono/zod-openapi";
import {authMiddleware} from "../../middleware/authMiddleware.js";
import {updateProfile} from "../../controllers/users/updateProfile.js";
import {verify} from "hono/jwt";
import {log} from "../../../logger/logger.js";

const app = new OpenAPIHono();

const UserSchema = z.object({
    password: z
    .string()
    .min(6, {message: "Passwords must be longer than 3 characters"})
    .regex(/[A-Z]/, {message: "Password must contain at least one uppercase letter"})
    .regex(/[\W_]/, {message: "Password must contain at least one special character"})
    .openapi({example: "Password1!"}),
});
app.openapi(
    createRoute({
        tags: ["User"],
        summary: "Updates a users Profile",
        description: "Currently you can only update your password over the API",
        method: "post",
        path: "/",
        middleware: authMiddleware,
        request: {
            body: {
                content: {
                    "application/json": {schema: UserSchema},
                },
            },
        },
        responses: {
            200: {
                content: {
                    "application/json": {
                        schema: z.object({
                            message: z.string().optional().openapi({example: "User Profile has been updated"}),
                        }),
                    },
                },
                description: "Sucess return",
            },
            401: {
                content: {
                    "application/json": {
                        schema: z.object({message: z.string().optional().openapi({example: "Unauthenticated"})}),
                    },
                },
                description: "Unauthorized",
            },
            500: {
                content: {
                    "application/json": {
                        schema: z.object({message: z.string().optional().openapi({example: "Internal Server error"})}),
                    },
                },
                description: "Internal Server Error",
            },
        },
    }),
    async (c) => {
        // make sure we have a vaid user being accessed thats really logged in
        const authHeader = c.req.header("Authorization");

        if (authHeader?.includes("Basic")) {
            return c.json({message: "You are a Basic user! Please login to get a token"}, 401);
        }

        if (!authHeader) {
            return c.json({message: "Unauthorized"}, 401);
        }

        const token = authHeader?.split("Bearer ")[1] || "";
        let user;

        try {
            const payload = await verify(token, process.env.JWT_SECRET!);
            user = payload.user;
        } catch (error) {
            log.error(error, "Failed session check, user must be logged out");
            return c.json({message: "Unauthorized"}, 401);
        }

        // now pass all the data over to update the user info
        try {
            const data = await c?.req.json();
            await updateProfile(user, data, token);
            return c.json({message: "Your profile has been updated"});
        } catch (error) {
            return c.json({message: "There was an error", error});
        }
    }
);

export default app;