const AuthService = require('../services/auth.service');
const { registerSchema, loginSchema } = require('../helpers/authValidation');
const { setResponse } = require('../helpers/utils');
const { createCaptcha } = require('../utils/captcha');

class AuthController {

  // Registration
  static async register(req, res) {
    try {
      const { error, value } = registerSchema.validate(req.body, { abortEarly: false });

      if (error) {
        // kumpulkan pesan error per field
        const errors = error.details.reduce((acc, cur) => {
          const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
          if (!acc[field]) acc[field] = [];
          acc[field].push(cur.message);
          return acc;
        }, {});

        return res.status(400).json(
          setResponse(errors, 'Validation failed', 400)
        );
      }

      // Normalisasi phone menjadi +62
      if (value.phone && value.phone.startsWith('0')) {
        value.phone = '+62' + value.phone.slice(1);
      }

      const user = await AuthService.register(value);
      return res.status(201).json(
        setResponse(user, 'User registered successfully', 201)
      );

    } catch (err) {
      return res.status(err.statusCode || 500).json(
        setResponse([], err.message || 'Register failed', err.statusCode || 500)
      );
    }
  }


  static async generateCaptcha(req, res) {
    try {
      const { svg, text } = createCaptcha();
      return res.status(200).json({
        data: { svg, text }
      });
    } catch (err) {
      return res.status(500).json(setResponse([], 'Captcha failed', 500));
    }
  }

  static async login(req, res) {
    try {
      const { error, value } = loginSchema.validate(req.body, { abortEarly: false });
      if (error) return res.status(400).json(setResponse([], 'Validation failed', 400));

      const { email, password, captcha, captchaText } = value;

      // verify captcha
      if (!captcha || captcha.toLowerCase() !== captchaText.toLowerCase()) {
        return res.status(400).json(setResponse([], 'Invalid captcha', 400));
      }

      const { user, tokens } = await AuthService.login({ email, password });

      return res.status(200).json(setResponse({ user, tokens }, 'Login successful', 200));

    } catch (err) {
      return res.status(err.statusCode || 500).json(
        setResponse([], err.message || 'Login failed', err.statusCode || 500)
      );
    }
  }

// // Verify Captcha (secure)
//   static async verifyCaptcha(req, res) {
//     const { userInput } = req.body;

//     if (!userInput || !req.session.captcha) {
//       return res.status(400).json(
//         setResponse([], 'Missing data', 400)
//       );
//     }

//     if (userInput.toLowerCase() === req.session.captcha.toLowerCase()) {
//       req.session.captcha = null; // one-time use
//       return res.json(
//         setResponse([], 'Captcha is valid', 200)
//       );
//     } else {
//       return res.status(400).json(
//         setResponse([], 'Invalid captcha', 400)
//       );
//     }
//   }

}

module.exports = AuthController;