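const { verifyToken, generateAccesToken, generateRefreshToken } = require("./auth");

// NOTE(review): every cookie written by this module carries only `httpOnly`.
// `secure` and `sameSite` are not set here; confirm they are enforced
// elsewhere (for example by a proxy) or add them for the deployment.
// Invalid cookies are overwritten with an empty value rather than expired.
const setAuthCookie = (res, name, value) => {
  res.cookie(name, value, { httpOnly: true });
};

/**
 * Verifies a single token and returns the user it carries.
 *
 * A result that is falsy or has no `user` is treated as a rejected token, so
 * callers never mint new tokens for a missing user and never dereference a
 * null result.
 *
 * NOTE(review): this module compares verifyToken's result against `false`,
 * so `false` is presumably its "rejected" value; confirm in ./auth.
 *
 * @param {string} token - Raw token value read from a cookie.
 * @returns {*} The `user` value from the verification result, or null.
 */
const userFromToken = (token) => {
  const result = verifyToken(token);
  return result && result.user ? result.user : null;
};

/**
 * Resolves the requesting user from the auth cookies, refreshing or clearing
 * cookies on the response as a side effect.
 *
 * Only the first cookie present is considered, in the order accessToken,
 * refreshToken, permtoken. A rejected cookie is cleared and the lookup stops
 * there; it does not fall through to the next cookie on the same request.
 *
 * NOTE(review): the same verifyToken call is applied to all three cookies.
 * Unless verifyToken or the token payload distinguishes token types, a
 * long-lived refresh or permanent token would also be accepted in the
 * accessToken cookie; confirm in ./auth.
 *
 * @param {object} req - Request; `req.cookies` is read.
 * @param {object} res - Response; `res.cookie` is called to set or clear cookies.
 * @returns {*} The authenticated user, or null when no valid token was found.
 */
const resolveUser = (req, res) => {
  // A missing cookie jar (for example no cookie parser mounted) is treated
  // as "no tokens", which fails closed in `auth`.
  const { accessToken, refreshToken, permtoken } = req.cookies || {};

  if (accessToken) {
    const user = userFromToken(accessToken);
    if (!user) {
      // Drop the rejected access token so the next request can use the refresh token.
      setAuthCookie(res, "accessToken", "");
    }
    return user;
  }

  if (refreshToken) {
    const user = userFromToken(refreshToken);
    if (user) {
      // A valid refresh token mints a new access token.
      setAuthCookie(res, "accessToken", generateAccesToken(user));
    } else {
      setAuthCookie(res, "refreshToken", "");
    }
    return user;
  }

  if (permtoken) {
    const user = userFromToken(permtoken);
    if (user) {
      // A valid permanent token mints both an access and a refresh token.
      setAuthCookie(res, "accessToken", generateAccesToken(user));
      setAuthCookie(res, "refreshToken", generateRefreshToken(user));
    } else {
      setAuthCookie(res, "permtoken", "");
    }
    return user;
  }

  return null;
};

/**
 * Middleware for routes that require authentication.
 *
 * Sets `req.user` and calls `next()` when a valid token cookie is present;
 * otherwise responds with 401 and `{ error: "Unauthorized" }`.
 *
 * @param {object} req - Request.
 * @param {object} res - Response.
 * @param {Function} next - Next middleware.
 */
const auth = (req, res, next) => {
  const user = resolveUser(req, res);
  if (!user) {
    return res.status(401).json({ error: "Unauthorized" });
  }
  req.user = user;
  return next();
};

/**
 * Middleware for routes that work with or without authentication.
 *
 * Sets `req.user` to the authenticated user, or to null when there is no
 * valid token, and always calls `next()`. A rejected token must also continue
 * the chain; otherwise the request would be left without a response.
 *
 * @param {object} req - Request.
 * @param {object} res - Response.
 * @param {Function} next - Next middleware.
 */
const publicauth = (req, res, next) => {
  req.user = resolveUser(req, res);
  return next();
};

module.exports = { auth, publicauth };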