const db = require('../surreal');
const {generateAccesToken, generateRefreshToken, generatePermtoken} = require("../auth/auth");
const {verify} = require("../auth/password");
const router = require('express').Router();
const timestringconverter = require('timestringconverter');


router.post('/', async (req, res) => {
    const {username, password, remember} = req.body;

    console.log(username)

    if(!username) return res.status(400).json({error: "Username not provided"});
    if(!password) return res.status(400).json({error: "Password not provided"});

    const user = await db.query(`SELECT * FROM users WHERE username = string::lowercase("${username}")`);

    if (user.length == 0) {
        return res.status(400).json({error: 'Wrong credentials'});
    }

    const validPass = await verify(password, user[0].password);

    if(!validPass) return res.status(400).json({error: "Wrong credentials"});

    const accessToken = generateAccesToken(user[0].username);
    const refreshToken = generateRefreshToken(user[0].username);
    if(remember == true){
        const permtoken = generatePermtoken(user[0].username);
        res.cookie('permtoken', permtoken, {httpOnly: true, maxAge: 1000 * timestringconverter.ToSec(process.env.PERMTOKENAGE), path: '/permtoken'});
    }

    res.cookie('accessToken', accessToken, {httpOnly: true, maxAge: 1000 * timestringconverter.ToSec(process.env.ACCESSTOKENAGE)});
    res.cookie('refreshToken', refreshToken, {httpOnly: true, maxAge: 1000 * timestringconverter.ToSec(process.env.REFRESHTOKENAGE), path: '/refreshtoken'});
    res.status(200).json({message: 'Logged in'});
});

module.exports = router;