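const { getUserByUserEmailDb, createUserDb } = require('../db/user.db');
const { hashPassword, comparePassword } = require('../helpers/hashPassword');
const { ErrorHandler } = require('../helpers/error');
const JWTService = require('../utils/jwt');

/**
 * Tell whether a value is a non-empty string.
 *
 * Credentials arrive from request bodies, so a field can be missing or be a
 * structured JSON value (object, array, number). Checking the type here keeps
 * such values away from the DB lookup and the hashing helpers.
 *
 * @param {*} value - Candidate value.
 * @returns {boolean} True only for strings of length > 0.
 */
function isNonEmptyString(value) {
  return typeof value === 'string' && value.length > 0;
}

/**
 * Project a user row onto the claims placed in tokens and returned to callers.
 *
 * Fields are copied one by one so that `user_password` (the stored hash) never
 * ends up in a token or in a response body.
 *
 * @param {object} user - Row as returned by getUserByUserEmailDb.
 * @returns {object} Claims object without the password hash.
 */
function toTokenClaims(user) {
  return {
    user_id: user.user_id,
    user_fullname: user.user_fullname,
    user_name: user.user_name,
    user_email: user.user_email,
    user_phone: user.user_phone,
    role_id: user.role_id,
    role_name: user.role_name,
    is_sa: user.is_sa
  };
}

/**
 * Registration, login and access-token refresh for user accounts.
 */
class AuthService {
  /**
   * Create a new account and issue its first token pair.
   *
   * Only the five destructured fields are read from the input; `role_id`,
   * `is_sa` and `is_active` are fixed here, so a caller cannot assign itself
   * a role or the `is_sa` flag through the registration payload.
   *
   * @param {object} input
   * @param {string} input.fullname
   * @param {string} input.name
   * @param {string} input.email
   * @param {string} input.phone
   * @param {string} input.password - Plain-text password; only its hash is stored.
   * @returns {Promise<{user: object, tokens: object}>} The created user (without hash) and its tokens.
   * @throws {ErrorHandler} 400 when email/password are missing or the email is already registered.
   */
  static async register({ fullname, name, email, phone, password }) {
    // Fail with a client error instead of letting undefined or non-string
    // values reach the lookup and hashPassword.
    if (!isNonEmptyString(email) || !isNonEmptyString(password)) {
      throw new ErrorHandler(400, 'Email and password are required');
    }

    const existingUser = await getUserByUserEmailDb(email);
    if (existingUser) {
      throw new ErrorHandler(400, 'Email already registered');
    }
    // NOTE(review): the check above and the insert below are two separate
    // calls, so two concurrent registrations could both pass the check;
    // presumably a unique constraint on user_email backs this up - confirm.

    const hashedPassword = await hashPassword(password);

    const userId = await createUserDb({
      user_fullname: fullname,
      user_name: name,
      user_email: email,
      user_phone: phone,
      user_password: hashedPassword,
      role_id: null,
      is_sa: 0,
      is_active: 1
    });

    const newUser = {
      user_id: userId,
      user_fullname: fullname,
      user_name: name,
      user_email: email,
      user_phone: phone
    };

    const tokens = JWTService.generateTokenPair(newUser);

    return { user: newUser, tokens };
  }

  /**
   * Authenticate a user by email and password and issue a token pair.
   *
   * Unknown email, malformed credentials and wrong password all produce the
   * same 401 message, so the response does not reveal which part failed. The
   * inactive-account answer is given only after the password has matched.
   *
   * @param {object} input
   * @param {string} input.email
   * @param {string} input.password
   * @returns {Promise<{user: object, tokens: object}>} Claims for the user and its tokens.
   * @throws {ErrorHandler} 401 on invalid credentials, 403 when the account is inactive.
   */
  static async login({ email, password }) {
    // Missing or non-string credentials get the generic answer rather than
    // an unhandled error from comparePassword.
    if (!isNonEmptyString(email) || !isNonEmptyString(password)) {
      throw new ErrorHandler(401, 'Invalid credentials');
    }

    const user = await getUserByUserEmailDb(email);
    if (!user) {
      // NOTE(review): no hash comparison runs on this path, so its response
      // time can differ from the wrong-password path; confirm whether that
      // difference needs to be evened out for this deployment.
      throw new ErrorHandler(401, 'Invalid credentials');
    }

    const passwordMatch = await comparePassword(password, user.user_password);
    if (!passwordMatch) {
      throw new ErrorHandler(401, 'Invalid credentials');
    }

    if (!user.is_active) {
      throw new ErrorHandler(403, 'User is inactive');
    }

    const payload = toTokenClaims(user);
    const tokens = JWTService.generateTokenPair(payload);

    return { user: payload, tokens };
  }

  /**
   * Exchange a valid refresh token for a new access token.
   *
   * The account is re-read from the database before the access token is
   * issued. A refresh token can outlive a deactivation or a role change, so
   * the claims signed at login are not copied into the new token; the current
   * row decides whether the user may continue and with which role.
   *
   * @param {string} refreshToken - Refresh token presented by the client.
   * @returns {Promise<{accessToken: string, tokenType: string, expiresIn: number}>}
   * @throws {ErrorHandler} 401 when the token is missing, expired, invalid or no
   *   longer maps to an account; 403 when the account is inactive.
   */
  static async refreshToken(refreshToken) {
    if (!refreshToken) throw new ErrorHandler(401, 'Refresh token is required');

    let decoded;
    try {
      decoded = JWTService.verifyRefreshToken(refreshToken);
    } catch (err) {
      // Guard the message lookup: a thrown value without a string message
      // must still end in a 401, not in a TypeError.
      const message = err && typeof err.message === 'string' ? err.message : '';
      if (message.includes('expired')) throw new ErrorHandler(401, 'Refresh token expired');
      throw new ErrorHandler(401, 'Invalid refresh token');
    }

    // Assumes the refresh token carries user_email and user_id, as the claims
    // read from it in this method imply - confirm against JWTService.
    const user = decoded && isNonEmptyString(decoded.user_email)
      ? await getUserByUserEmailDb(decoded.user_email)
      : null;

    // The id comparison rejects a token whose email now belongs to another
    // account; String() avoids a false mismatch between numeric and string ids.
    if (!user || String(user.user_id) !== String(decoded.user_id)) {
      throw new ErrorHandler(401, 'Invalid refresh token');
    }

    if (!user.is_active) {
      throw new ErrorHandler(403, 'User is inactive');
    }

    const accessToken = JWTService.generateAccessToken(toTokenClaims(user));

    return {
      accessToken,
      tokenType: 'Bearer',
      // NOTE(review): hard-coded; presumably the access-token lifetime in
      // seconds configured in JWTService - confirm the two stay in sync.
      expiresIn: 900
    };
  }
}

module.exports = AuthService;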