import { Router, Request, Response } from 'express';
import { createUser, findUserByEmail, verifyPassword } from '../models/user';
import { generateToken, authMiddleware, AuthRequest } from '../middleware/auth';

// Router carrying the auth endpoints registered in this file: POST /signup, POST /login, GET /me.
const router = Router();

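/**
 * POST /signup: create an account and return a token for it.
 *
 * Body fields: `email` (required), `password` (required), `telegram_username` (optional).
 * Responses:
 *   - 201 with `{ success, token, user }` on success; `user` is an explicit
 *     field list, so nothing else on the stored record is echoed back.
 *   - 400 for missing or malformed input, a weak password, or an already-registered email.
 *   - 500 when anything inside the handler throws.
 *
 * NOTE(review): the 400 "Email already registered" answer tells an
 * unauthenticated caller whether an address has an account. If that matters for
 * this product, pair the route with rate limiting. None is visible in this
 * file, so confirm where it is applied.
 */
router.post('/signup', async (req: Request, res: Response) => {
  try {
    // req.body is undefined when no body parser ran; fall back to an empty
    // object so the request is answered with 400 instead of a thrown 500.
    const { email, password, telegram_username } = req.body ?? {};

    // The body is caller-controlled JSON, so each field can be any JSON type.
    // Without the typeof guards an array or object would reach .length,
    // .toLowerCase() and createUser() below.
    if (typeof email !== 'string' || typeof password !== 'string' || !email || !password) {
      return res.status(400).json({ error: 'Email and password required' });
    }
    if (telegram_username != null && typeof telegram_username !== 'string') {
      return res.status(400).json({ error: 'Invalid telegram username' });
    }

    // Validate the value that is actually stored (trimmed, lower-cased), which
    // also keeps signup consistent with how /login normalizes the address.
    const normalizedEmail = email.trim().toLowerCase();

    // Bound the length before running the regex: its last two character
    // classes both accept '.', so a long crafted input backtracks
    // quadratically and would stall the event loop.
    const MAX_EMAIL_LENGTH = 254;
    const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
    if (normalizedEmail.length > MAX_EMAIL_LENGTH || !emailRegex.test(normalizedEmail)) {
      return res.status(400).json({ error: 'Invalid email format' });
    }

    // Password strength: min 12 chars, at least one uppercase, one lowercase, one digit
    // NOTE(review): no upper bound is enforced here; whether one is needed
    // depends on the hashing done inside createUser, which is not visible.
    if (password.length < 12) {
      return res.status(400).json({ error: 'Password must be at least 12 characters' });
    }
    if (!/[A-Z]/.test(password) || !/[a-z]/.test(password) || !/\d/.test(password)) {
      return res.status(400).json({ error: 'Password must contain uppercase, lowercase, and a number' });
    }

    // Check if user exists.
    // This lookup and the insert below are two separate calls, so two
    // concurrent signups for one address can both pass it. Uniqueness
    // presumably has to be enforced by the storage layer; verify in
    // ../models/user. A duplicate rejected there surfaces as the 500 below.
    const existing = await findUserByEmail(normalizedEmail);
    if (existing) {
      return res.status(400).json({ error: 'Email already registered' });
    }

    // Create user
    const user = await createUser(normalizedEmail, password, telegram_username);
    const token = generateToken(user.id);

    res.status(201).json({
      success: true,
      token,
      user: {
        id: user.id,
        email: user.email,
        plan: user.plan,
        role: user.role,
        telegram_username: user.telegram_username,
      },
    });
  } catch (error) {
    // Log server-side only; the client gets a generic message.
    console.error('Signup error:', error);
    res.status(500).json({ error: 'Failed to create account' });
  }
});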

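/**
 * POST /login: exchange an email and password for a token.
 *
 * Body fields: `email`, `password` (both required strings).
 * Responses:
 *   - 200 with `{ success, token, user }` on success; `user` is an explicit
 *     field list, so nothing else on the stored record is echoed back.
 *   - 400 when either field is missing or not a string.
 *   - 401 with the same 'Invalid credentials' body for an unknown email and
 *     for a wrong password.
 *   - 500 when anything inside the handler throws.
 *
 * NOTE(review): no rate limiting or lockout is visible in this file; confirm
 * it is applied where the router is mounted.
 */
router.post('/login', async (req: Request, res: Response) => {
  try {
    // req.body is undefined when no body parser ran; fall back to an empty
    // object so the request is answered with 400 instead of a thrown 500.
    const { email, password } = req.body ?? {};

    // The body is caller-controlled JSON: reject non-string values here so an
    // array or object never reaches .toLowerCase() or verifyPassword().
    if (typeof email !== 'string' || typeof password !== 'string' || !email || !password) {
      return res.status(400).json({ error: 'Email and password required' });
    }

    const normalizedEmail = email.toLowerCase().trim();

    const user = await findUserByEmail(normalizedEmail);
    if (!user) {
      // NOTE(review): this branch returns before any password verification
      // runs, so an unknown email is likely answered faster than a wrong
      // password even though the body is identical. Verifying against a fixed
      // dummy hash here would even that out; that needs a helper from
      // ../models/user which is not visible from this file.
      return res.status(401).json({ error: 'Invalid credentials' });
    }

    const valid = await verifyPassword(user, password);
    if (!valid) {
      return res.status(401).json({ error: 'Invalid credentials' });
    }

    const token = generateToken(user.id);

    res.json({
      success: true,
      token,
      user: {
        id: user.id,
        email: user.email,
        plan: user.plan,
        role: user.role,
        telegram_username: user.telegram_username,
        // Expose only whether a chat is linked, not the chat id itself.
        telegram_connected: !!user.telegram_chat_id,
      },
    });
  } catch (error) {
    // Log server-side only; the client gets a generic message.
    console.error('Login error:', error);
    res.status(500).json({ error: 'Login failed' });
  }
});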

/**
 * GET /me: return the profile of the caller.
 *
 * `authMiddleware` runs before this handler. The handler only reads `req.user`,
 * which that middleware presumably populates after validating the token;
 * confirm in ../middleware/auth. The response is an explicit field list, and
 * the Telegram chat id is reduced to a boolean.
 *
 * Responds 500 if reading `req.user` or serializing the response throws.
 */
router.get('/me', authMiddleware, async (req: AuthRequest, res: Response) => {
  try {
    const {
      id,
      email,
      plan,
      role,
      telegram_username,
      telegram_chat_id,
      subscription_status,
      subscription_ends_at,
    } = req.user;

    const profile = {
      id,
      email,
      plan,
      role,
      telegram_username,
      telegram_connected: !!telegram_chat_id,
      subscription_status,
      subscription_ends_at,
    };

    res.json({ user: profile });
  } catch (error) {
    console.error('Get me error:', error);
    res.status(500).json({ error: 'Failed to get user' });
  }
});

// Default export of the router; the path it is mounted under is not set in this file.
export default router;
