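const express = require('express');
const { auth } = require('express-openid-connect');
const cors = require('cors');
const cookieParser = require('cookie-parser');
require('dotenv').config();

// Listening port. `Number(...) || 3001` falls back for an unset, empty or
// non-numeric PORT, so the value is always a usable number.
const port = Number(process.env.PORT) || 3001;
const FRONTEND_URL = 'http://localhost:3000';
// Derived from `port` so the redirect_uri sent to the issuer always matches
// the port this process actually listens on.
const BACKEND_URL = `http://localhost:${port}`;
const CALLBACK_PATH = '/callback';
const CALLBACK_URL = `${BACKEND_URL}${CALLBACK_PATH}`;
const isProduction = process.env.NODE_ENV === 'production';

const app = express();

// Cookie middleware
app.use(cookieParser());

// CORS configuration: only the frontend origin may make credentialed requests.
app.use(cors({
  origin: FRONTEND_URL,
  credentials: true,
  methods: ['GET', 'POST', 'OPTIONS'],
  allowedHeaders: ['Content-Type', 'Authorization', 'Cookie'],
  exposedHeaders: ['Set-Cookie'],
}));

const config = {
  authRequired: false,
  auth0Logout: true,
  secret: process.env.AUTH0_SECRET,
  baseURL: BACKEND_URL,
  clientID: process.env.AUTH0_CLIENT_ID,
  issuerBaseURL: 'https://dev-a3o2jif0.us.auth0.com',
  clientSecret: process.env.AUTH0_CLIENT_SECRET,
  routes: {
    // Disable the library's built-in callback route. With a path configured
    // here the library mounts its own handler on it inside `auth(config)`,
    // which runs before (and shadows) the custom handler defined below.
    callback: false,
    postLogoutRedirect: FRONTEND_URL,
  },
  authorizationParams: {
    response_type: 'code',
    scope: 'openid profile email',
  },
  session: {
    cookie: {
      domain: 'localhost',
      // Secure cookies are only delivered over HTTPS; keep them off for local
      // dev and on wherever NODE_ENV=production is set.
      secure: isProduction,
      sameSite: 'lax',
      httpOnly: true,
    },
  },
};

app.use(auth(config));

// Auth endpoints

// Keeps the existing contract (`{ loginUrl }` in the response body), but the
// URL now points at a backend route that lets the library start the flow. The
// previous hand-built authorize URL used a predictable `state` (a JSON
// string) and no nonce, and because no transient cookie was set the library's
// callback had nothing to verify the returned state against.
app.post('/api/auth/login', (req, res) => {
  try {
    res.json({ loginUrl: `${BACKEND_URL}/api/auth/start` });
  } catch (error) {
    console.error('Login error:', error);
    res.status(500).json({ error: 'Login failed' });
  }
});

// Starts the Authorization Code flow. The browser must be navigated here (not
// fetched) so the transient state/nonce cookie is set on the backend origin.
// `returnTo` is where the callback sends the user once the session exists.
app.get('/api/auth/start', async (req, res, next) => {
  try {
    await res.oidc.login({
      returnTo: FRONTEND_URL,
      authorizationParams: { redirect_uri: CALLBACK_URL },
    });
  } catch (error) {
    console.error('Login error:', error);
    next(error);
  }
});

// Callback handler with error handling. `res.oidc.callback` validates the
// state/nonce stored at login, exchanges the code, creates the session and
// redirects to the stored `returnTo`; any failure lands in the catch block.
app.get(CALLBACK_PATH, async (req, res) => {
  try {
    await res.oidc.callback({ redirectUri: CALLBACK_URL });
  } catch (error) {
    console.error('Callback error:', error);
    // The library may already have started a response before failing.
    if (!res.headersSent) {
      res.redirect(`${FRONTEND_URL}?error=auth_callback_failed`);
    }
  }
});

// Returns the session's user claims, or `null` when there is no session.
app.get('/api/auth/user', (req, res) => {
  try {
    const user = req.oidc.isAuthenticated() ? req.oidc.user : null;
    res.json(user);
  } catch (error) {
    console.error('User fetch error:', error);
    res.status(500).json({ error: 'Failed to get user' });
  }
});

// Ends the local session (and the Auth0 session, see `auth0Logout`) and
// redirects back to the frontend.
app.post('/api/auth/logout', (req, res) => {
  try {
    res.oidc.logout({ returnTo: FRONTEND_URL });
  } catch (error) {
    console.error('Logout error:', error);
    res.status(500).json({ error: 'Logout failed' });
  }
});

// Error handling middleware. Express recognises error handlers by their
// four-argument signature, so `next` must stay even though it is unused.
// Only a generic message is returned; details go to the server log.
// eslint-disable-next-line no-unused-vars
app.use((err, req, res, next) => {
  console.error('Server error:', err);
  res.status(500).json({ error: 'Internal server error' });
});

app.listen(port, () => {
  console.log(`Server running on port ${port}`);
});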