const bcrypt = require("bcrypt")
const faker = require("faker")
const User = require("../model/User")
const auth = require("../auth")

// Controller function for user registration
exports.registerUser = async (req, res) => {
  try {
    const { email, password, firstName, lastName } = req.body;

    // If firstName and lastName are not provided, generate default values using faker
    const autoGeneratedFirstName = firstName || faker.name.firstName();
    const autoGeneratedLastName = lastName || faker.name.lastName();

    // Hash the password before saving it
    const hashedPassword = await bcrypt.hash(password, 10);

    const newUser = new User({
      email,
      password: hashedPassword,
      firstName: autoGeneratedFirstName,
      lastName: autoGeneratedLastName,
    });

    await newUser.save();

    res.status(201).json({ message: 'User registered successfully. To update account details, acess user/update' });
  } catch (error) {
    console.error(error);
    res.status(500).json({ message: 'Internal server error' });
  }
};


// Controller function for user authentication
exports.authenticateUser = async (req, res) => {
	try {
		const { email, password } = req.body

		const user = await User.findOne({ email })

		if (!user) {
			return res.status(401).json({ message: "Invalid credentials" })
		}

		const passwordMatch = await bcrypt.compare(password, user.password)

		if (!passwordMatch) {
			return res.status(401).json({ message: "Invalid credentials" })
		}

		// Generate JWT token using the function from auth.js
		const token = auth.generateToken(user._id, user.email)

		// Return user details and token
		res.status(200).json({
			userId: user._id,
			email: user.email,
      firstName: user.firstName,
      lastName: user.lastName,
			isAdmin: user.isAdmin,
			token: token,
		})
	} catch (error) {
		console.error(error)
		res.status(500).json({ message: "Internal server error" })
	}
}

// Controller function for updating user data (including email, firstName, lastName, and password)
exports.updateUserData = async (req, res) => {
  try {
    const { userId, newEmail, newFirstName, newLastName, newPassword } = req.body;

    // Add authentication logic here using the authorization token
    // For example:
    // const userIdFromToken = req.user.userId;
    // if (userIdFromToken !== userId) {
    //   return res.status(403).json({ message: 'Permission denied. You can only update your own data.' });
    // }

    // Your logic to update user data based on userId
    // For example:

    const user = await User.findById(userId);

    if (!user) {
      return res.status(404).json({ message: 'User not found' });
    }

    // Update email if provided
    if (newEmail) {
      user.email = newEmail;
    }

    // Update firstName if provided
    if (newFirstName) {
      user.firstName = newFirstName;
    }

    // Update lastName if provided
    if (newLastName) {
      user.lastName = newLastName;
    }

    // Update password if provided
    if (newPassword) {
      const hashedPassword = await bcrypt.hash(newPassword, 10);
      user.password = hashedPassword;
    }

    // Save the updated user data
    await user.save();

    // Fetch the updated user details
    const updatedUser = await User.findById(userId);

    // Return the updated user details in the response
    res.status(200).json({ message: 'User data updated successfully', user: updatedUser });
  } catch (error) {
    console.error(error);
    res.status(500).json({ message: 'Internal server error' });
  }
};