import { createRoute, OpenAPIHono, z } from "@hono/zod-openapi";
import { authMiddleware } from "../../middleware/authMiddleware.js";
import { updateProfile } from "../../controllers/users/updateProfile.js";
import { verify } from "hono/jwt";
import { createLog } from "../../../logger/logger.js";

const app = new OpenAPIHono();

const UserSchema = z.object({
  password: z
    .string()
    .min(6, { message: "Passwords must be longer than 3 characters" })
    .regex(/[A-Z]/, {
      message: "Password must contain at least one uppercase letter",
    })
    .regex(/[\W_]/, {
      message: "Password must contain at least one special character",
    })
    .openapi({ example: "Password1!" }),
});
app.openapi(
  createRoute({
    tags: ["auth:user"],
    summary: "Updates a users Profile",
    description: "Currently you can only update your password over the API",
    method: "post",
    path: "/profile",
    middleware: authMiddleware,
    request: {
      body: {
        content: {
          "application/json": { schema: UserSchema },
        },
      },
    },
    responses: {
      200: {
        content: {
          "application/json": {
            schema: z.object({
              message: z
                .string()
                .optional()
                .openapi({ example: "User Profile has been updated" }),
            }),
          },
        },
        description: "Sucess return",
      },
      401: {
        content: {
          "application/json": {
            schema: z.object({
              message: z
                .string()
                .optional()
                .openapi({ example: "Unauthenticated" }),
            }),
          },
        },
        description: "Unauthorized",
      },
      500: {
        content: {
          "application/json": {
            schema: z.object({
              message: z
                .string()
                .optional()
                .openapi({ example: "Internal Server error" }),
            }),
          },
        },
        description: "Internal Server Error",
      },
    },
  }),
  async (c) => {
    // make sure we have a vaid user being accessed thats really logged in
    const authHeader = c.req.header("Authorization");

    if (authHeader?.includes("Basic")) {
      return c.json(
        { message: "You are a Basic user! Please login to get a token" },
        401
      );
    }

    if (!authHeader) {
      return c.json({ message: "Unauthorized" }, 401);
    }

    const token = authHeader?.split("Bearer ")[1] || "";
    let user;

    try {
      const payload = await verify(token, process.env.JWT_SECRET!);
      user = payload.user;
    } catch (error) {
      createLog(
        "error",
        "lst",
        "auth",
        "Failed session check, user must be logged out"
      );
      return c.json({ message: "Unauthorized" }, 401);
    }

    // now pass all the data over to update the user info
    try {
      const data = await c?.req.json();
      await updateProfile(user, data, token);
      return c.json({ message: "Your profile has been updated" });
    } catch (error) {
      return c.json({ message: "There was an error", error });
    }
  }
);

export default app;