import { Request, Response } from 'express';
import * as authService from '../services/auth.service.js';
import { AuthRequest, ApiResponse } from '../types/index.js';

// Mitarbeiter-Login
export async function login(req: Request, res: Response): Promise<void> {
  try {
    const { email, password } = req.body;

    if (!email || !password) {
      res.status(400).json({
        success: false,
        error: 'E-Mail und Passwort erforderlich',
      } as ApiResponse);
      return;
    }

    const result = await authService.login(email, password);
    res.json({ success: true, data: result } as ApiResponse);
  } catch (error) {
    res.status(401).json({
      success: false,
      error: error instanceof Error ? error.message : 'Anmeldung fehlgeschlagen',
    } as ApiResponse);
  }
}

// Kundenportal-Login
export async function customerLogin(req: Request, res: Response): Promise<void> {
  try {
    const { email, password } = req.body;

    if (!email || !password) {
      res.status(400).json({
        success: false,
        error: 'E-Mail und Passwort erforderlich',
      } as ApiResponse);
      return;
    }

    const result = await authService.customerLogin(email, password);
    res.json({ success: true, data: result } as ApiResponse);
  } catch (error) {
    res.status(401).json({
      success: false,
      error: error instanceof Error ? error.message : 'Anmeldung fehlgeschlagen',
    } as ApiResponse);
  }
}

export async function me(req: AuthRequest, res: Response): Promise<void> {
  try {
    if (!req.user) {
      res.status(401).json({
        success: false,
        error: 'Nicht authentifiziert',
      } as ApiResponse);
      return;
    }

    // Kundenportal-Login
    if (req.user.isCustomerPortal && req.user.customerId) {
      const customer = await authService.getCustomerPortalUser(req.user.customerId);
      if (!customer) {
        res.status(404).json({
          success: false,
          error: 'Kunde nicht gefunden',
        } as ApiResponse);
        return;
      }
      res.json({ success: true, data: customer } as ApiResponse);
      return;
    }

    // Mitarbeiter-Login
    if (!req.user.userId) {
      res.status(401).json({
        success: false,
        error: 'Ungültige Authentifizierung',
      } as ApiResponse);
      return;
    }

    const user = await authService.getUserById(req.user.userId);
    if (!user) {
      res.status(404).json({
        success: false,
        error: 'Benutzer nicht gefunden',
      } as ApiResponse);
      return;
    }

    res.json({ success: true, data: user } as ApiResponse);
  } catch (error) {
    res.status(500).json({
      success: false,
      error: 'Fehler beim Laden der Benutzerdaten',
    } as ApiResponse);
  }
}

export async function register(req: Request, res: Response): Promise<void> {
  try {
    const { email, password, firstName, lastName, roleIds } = req.body;

    if (!email || !password || !firstName || !lastName) {
      res.status(400).json({
        success: false,
        error: 'Alle Pflichtfelder müssen ausgefüllt sein',
      } as ApiResponse);
      return;
    }

    const user = await authService.createUser({
      email,
      password,
      firstName,
      lastName,
      roleIds: roleIds || [2], // Default to employee role
    });

    res.status(201).json({ success: true, data: user } as ApiResponse);
  } catch (error) {
    res.status(400).json({
      success: false,
      error:
        error instanceof Error
          ? error.message
          : 'Benutzer konnte nicht erstellt werden',
    } as ApiResponse);
  }
}