const authService = require('../services/auth.service');
const { generateToken } = require('../util/jwt');
const { logger } = require('../util/logger');
const db = require('../config/db');

async function login(req, res) {
  const { customerNo, password } = req.body;

  if (!customerNo || !password) {
    return res
      .status(400)
      .json({ error: 'customerNo and password are required' });
  }
  const currentTime = new Date().toISOString();
  try {
    const user = await authService.validateUser(customerNo, password);
    if (!user || !password)
      return res.status(401).json({ error: 'invalid credentials' });
    const token = generateToken(user.customer_no, '1d');
    const FirstTimeLogin = await authService.CheckFirstTimeLogin(customerNo);
    await db.query('UPDATE users SET last_login = $1 WHERE customer_no = $2', [
      currentTime,
      customerNo,
    ]);
    res.json({ token, FirstTimeLogin });
  } catch (err) {
    logger.error(err, 'login failed');
    res.status(500).json({ error: 'something went wrong' });
  }
}

async function fetchUserDetails(req, res) {
  const customerNo = req.user;
  try {
    const user = await authService.findUserByCustomerNo(customerNo);
    if (!user) return res.status(404).json({ message: 'USER_NOT_FOUND' });
    return res.json(user);
  } catch (err) {
    logger.error(err, 'error occured while fetching user details');
    res.status(500).json({ error: 'something went wrong' });
  }
}

async function tpin(req, res) {
  const customerNo = req.user;
  try {
    const user = await authService.findUserByCustomerNo(customerNo);
    if (!user) return res.status(404).json({ message: 'USER_NOT_FOUND' });
    if (!user.tpin) {
      return res.json({ tpinSet: false });
    } else {
      return res.json({ tpinSet: true });
    }
  } catch (err) {
    logger.error(err, 'error occured while checking tpin');
    res.status(500).json({ error: 'something went wrong' });
  }
}

async function setTpin(req, res) {
  const customerNo = req.user;
  try {
    const user = await authService.findUserByCustomerNo(customerNo);
    if (!user) return res.status(404).json({ error: 'USER_NOT_FOUND' });
    if (user.tpin)
      return res.status(400).json({ error: 'USER_ALREADY_HAS_A_TPIN' });
    const { tpin } = req.body;
    if (!/^\d{6}$/.test(tpin))
      return res.status(400).json({ error: 'INVALID_TPIN_FORMAT' });
    authService.setTpin(customerNo, tpin);
    return res.json({ message: 'TPIN_SET' });
  } catch (error) {
    logger.error(error);
    return res.status(500).json({ error: 'SOMETHING_WENT_WRONG' });
  }
}

async function setLoginPassword(req, res) {
  const customerNo = req.user;
  try {
    const user = await authService.findUserByCustomerNo(customerNo);
    if (!user) return res.status(404).json({ error: 'USER_NOT_FOUND' });
    const { login_password } = req.body;
    authService.setLoginPassword(customerNo, login_password);
    return res.json({ message: 'Login Password set' });
  } catch (error) {
    logger.error(error);
    return res.status(500).json({ error: 'SOMETHING_WENT_WRONG' });
  }
}
async function setTransactionPassword(req, res) {
  const customerNo = req.user;
  try {
    const user = await authService.findUserByCustomerNo(customerNo);
    if (!user) return res.status(404).json({ error: 'USER_NOT_FOUND' });
    const { transaction_password } = req.body;
    authService.setTransactionPassword(customerNo, transaction_password);
    return res.json({ message: 'Transaction Password set' });
  } catch (error) {
    logger.error(error);
    return res.status(500).json({ error: 'SOMETHING_WENT_WRONG' });
  }
}

module.exports = {
  login,
  tpin,
  setTpin,
  setLoginPassword,
  setTransactionPassword,
  fetchUserDetails,
};