package main

import (
	"fmt"
	"log"
	"net/http"
	"os"

	"github.com/joho/godotenv"
	"github.com/uptrace/bun/extra/bundebug"

	_ "github.com/lib/pq"

	"fr.latosa-escrima/api"
	"fr.latosa-escrima/api/core"
	"github.com/gorilla/csrf"
)

var CORS_AllowOrigin string

func handler(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "<html><body><h1>Hello, World!</h1></body></html>")
}
func Cors(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Allow all origins (can restrict to specific origins)
		w.Header().Set("Access-Control-Allow-Origin", CORS_AllowOrigin)
		// Allow certain HTTP methods (you can customize these as needed)
		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, PATCH")
		// Allow certain headers (you can add more as needed)
		w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, X-CSRF-Token")
		w.Header().Set("Access-Control-Allow-Credentials", "true")
		// Handle OPTIONS pre-flight request
		if r.Method == http.MethodOptions {
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	err := godotenv.Load()
	if err != nil {
		log.Fatalf("Error loading .env file: %v", err)
	}
	environ := os.Getenv("ENVIRONMENT")

	port := os.Getenv("BACKEND_DOCKER_PORT")
	hostname := os.Getenv("DATABASE_HOSTNAME")
	postgres_port := os.Getenv("POSTGRES_DOCKER_PORT")
	CORS_AllowOrigin = os.Getenv("CORS_AllowOrigin")
	if environ == "DEV" {
		port = os.Getenv("BACKEND_PORT")
		hostname = "localhost"
		postgres_port = os.Getenv("POSTGRES_PORT")
	}

	dsn := core.DSN{
		Hostname: hostname,
		Port:     postgres_port,
		DBName:   os.Getenv("POSTGRES_DB"),
		User:     os.Getenv("POSTGRES_USER"),
		Password: os.Getenv("POSTGRES_PASSWORD"),
	}
	fmt.Println(dsn.ToString())
	core.DB, err = core.InitDatabase(dsn)
	if err != nil {
		log.Fatal(err)
	}

	core.DB.AddQueryHook(bundebug.NewQueryHook(bundebug.WithVerbose(true)))

	defer core.DB.Close()

	CSRFMiddleware := csrf.Protect(
		core.CSRF_KEY,
		csrf.Secure(environ != "DEV"),
		csrf.HttpOnly(true),
	)

	mux := http.NewServeMux()

	core.HandleRoutes(mux, map[string]core.Handler{
		"/": {
			Handler:     handler,
			Middlewares: []core.Middleware{api.Methods("get")}},
		"/users/login": {
			Handler:     api.HandleLogin,
			Middlewares: []core.Middleware{api.Methods("POST")}},
		"/users/me": {
			Handler:     api.HandleGetMe,
			Middlewares: []core.Middleware{api.Methods("GET"), api.AuthJWT}},
		"/users": {
			Handler:     api.HandleGetUsers,
			Middlewares: []core.Middleware{api.Methods("GET"), api.AuthJWT}},
		"/users/new": {
			Handler:     api.HandleCreateUser,
			Middlewares: []core.Middleware{api.Methods("POST"), api.AuthJWT}},
		"/users/{user_uuid}": {
			Handler:     api.HandleGetUser,
			Middlewares: []core.Middleware{api.Methods("GET"), api.AuthJWT}},
		"/users/{user_uuid}/delete": {
			Handler:     api.HandleDeleteUser,
			Middlewares: []core.Middleware{api.Methods("DELETE"), api.AuthJWT}},
		"/users/{user_uuid}/update": {
			Handler:     api.HandleUpdateUser,
			Middlewares: []core.Middleware{api.Methods("PATCH"), api.AuthJWT}},
		"/events":              {
			Handler:	 api.HangleGetEvents, 
			Middlewares: []core.Middleware{api.Methods("GET")}},
		"/events/new": {
			Handler:     api.HandleCreateEvent, 
			Middlewares: []core.Middleware{api.Methods("POST")}},
		"/events/{event_uuid}": {
			Handler:	 api.HandleGetEvent, 
			Middlewares: []core.Middleware{api.Methods("GET")}},
		"/events/{event_uuid}/delete": {
			Handler:	 api.HandleDeleteEvent, 
			Middlewares: []core.Middleware{api.Methods("DELETE")}},
		"/events/{event_uuid}/update": {
			Handler:	 api.HandleUpdateEvent, 
			Middlewares: []core.Middleware{api.Methods("PATCH")}},
		"/blogs/new": {
			Handler:	 api.HandleCreateBlog, 
			Middlewares: []core.Middleware{api.Methods(("POST"))}},
		"/blogs/{uuid}": {
			Handler:     api.HandleGetBlog,
			Middlewares: []core.Middleware{api.Methods("GET")}},
		"/media/upload": {
			Handler:     api.HandleUploadMedia,
			Middlewares: []core.Middleware{api.Methods("POST"), api.AuthJWT}},
		"/media/verify": {
			Handler:     api.HandleVerifyMedia,
			Middlewares: []core.Middleware{api.Methods("POST"), api.AuthJWT},
		},
		// Paginated media response
		"/media/": {
			Handler:     api.HandleGetMedia,
			Middlewares: []core.Middleware{api.Methods("GET")},
		},
		// Unique element
		"/media/{media_uuid}": {
			Handler:     api.HandleGetMediaDetails,
			Middlewares: []core.Middleware{api.Methods("GET")},
		},
		// Get the image, video, GIF etc.
		"/media/{media_uuid}/file": {
			Handler:     api.HandleGetMediaFile,
			Middlewares: []core.Middleware{api.Methods("GET")},
		},
		// "/media/{media_uuid}/update": {
		// 	Handler:     api.HandleGetMediaFile,
		// 	Middlewares: []core.Middleware{api.Methods("PATCH"), api.AuthJWT},
		// },
		"/media/{media_uuid}/delete": {
			Handler:     api.HandleDeleteMedia,
			Middlewares: []core.Middleware{api.Methods("DELETE"), api.AuthJWT},
		},
		"/contact": {
			Handler:     api.HandleContact,
			Middlewares: []core.Middleware{api.Methods("POST"), CSRFMiddleware},
		},
		"/csrf-token": {
			Handler:     api.HandleCSRF,
			Middlewares: []core.Middleware{api.Methods("GET"), CSRFMiddleware},
		},
	})

	fmt.Printf("Serving on port %s\n", port)
	err = http.ListenAndServe(fmt.Sprintf(":%s", port), Cors(mux))
	if err != nil {
		fmt.Printf("Error starting server: %s\n", err)
	}
}