const AuthService = require('../services/auth.service');
const { registerSchema, loginSchema } = require('../helpers/validation');
const { setResponse } = require('../helpers/utils');
const { createCaptcha } = require('../utils/captcha');

class AuthController {

  // Registration
  static async register(req, res) {
    try {
      const { error, value } = registerSchema.validate(req.body, { abortEarly: false });

      if (error) {
        const errors = error.details.reduce((acc, cur) => {
          const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
          if (!acc[field]) acc[field] = [];
          acc[field].push(cur.message);
          return acc;
        }, {});
        return res.status(400).json(setResponse(errors, 'Validation failed', 400));
      }

      if (value.phone && value.phone.startsWith('0')) {
        value.phone = '+62' + value.phone.slice(1);
      }

      const { user, tokens } = await AuthService.register(value);

      // Set refresh token in cookie
      res.cookie('refreshToken', tokens.refreshToken, {
        httpOnly: true,
        secure: false, //masih dev
        sameSite: 'lax',
        maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
      });

      return res.status(201).json(
        setResponse({ user, accessToken: tokens.accessToken }, 'User registered successfully', 201)
      );
    } catch (err) {
      return res.status(err.statusCode || 500).json(
        setResponse([], err.message || 'Register failed', err.statusCode || 500)
      );
    }
  }

  // Captcha
  static async generateCaptcha(req, res) {
    try {
      const { svg, text } = createCaptcha();
      return res.status(200).json({ data: { svg, text } });
    } catch (err) {
      return res.status(500).json(setResponse([], 'Captcha failed', 500));
    }
  }

  // Login
  static async login(req, res) {
    try {
      const { error, value } = loginSchema.validate(req.body, { abortEarly: false });
      if (error) return res.status(400).json(setResponse([], 'Validation failed', 400));

      const { email, password, captcha, captchaText } = value;

      if (!captcha || captcha.toLowerCase() !== captchaText.toLowerCase()) {
        return res.status(400).json(setResponse([], 'Invalid captcha', 400));
      }

      const { user, tokens } = await AuthService.login({ email, password });

      // Set refresh token in cookie
      res.cookie('refreshToken', tokens.refreshToken, {
        httpOnly: true,
        secure: false, // masih dev
        sameSite: 'lax',
        maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
      });

      return res.status(200).json(
        setResponse({ user, accessToken: tokens.accessToken }, 'Login successful', 200)
      );
    } catch (err) {
      return res.status(err.statusCode || 500).json(
        setResponse([], err.message || 'Login failed', err.statusCode || 500)
      );
    }
  }

  // Refresh Token
  static async refreshToken(req, res) {
    try {
      const refreshToken = req.cookies?.refreshToken;
      if (!refreshToken) {
        return res.status(401).json(setResponse(null, 'Refresh token is required', 401));
      }

      const result = await AuthService.refreshToken(refreshToken);

      return res.status(200).json(setResponse(result, 'Token refreshed successfully', 200));
    } catch (err) {
      const status = err.statusCode && err.statusCode < 500 ? err.statusCode : 401;
      return res.status(status).json(
        setResponse(null, err.message || 'Refresh token invalid', status)
      );
    }
  }

  // Logout
  static async logout(req, res) {
    try {
      res.clearCookie('refreshToken', {
        httpOnly: true,
        sameSite: 'none',
        secure: true
      });
      return res.status(200).json(setResponse(null, 'Logged out successfully', 200));
    } catch (err) {
      return res.status(500).json(setResponse(null, 'Logout failed', 500));
    }
  }
}

module.exports = AuthController;