const express = require("express")
const router = express.Router()
const { requireAuth } = require("./../middleware/authmiddleware")
// NOTE: the OAuth client credentials are hardcoded. They belong in the
// environment or a secret store, and a secret that has been committed to
// source should be rotated.
const clientid = "1008206768989544449"
const secret = "M2ixbjumSA6o1Qgt7KvCNcPb_giJHyp3"
const fetch = (...args) =>
  import("node-fetch").then(({ default: fetch }) => fetch(...args))
const User = require("./../model/user.js")
const speakeasy = require("speakeasy")
const qrcode = require("qrcode")
const bodyParser = require("body-parser")
const xss = require("xss")

router.use(bodyParser.json())

// Discord OAuth2 callback: links the Discord account to the logged-in user.
// NOTE: this handler does not validate an OAuth `state` parameter, and the
// redirect_uri is plain http.
router.get("/authenticate", requireAuth, async function (req, rep) {
  const code = req.query.code
  //console.log(code)
  if (!code) {
    // No authorization code: answer instead of leaving the request hanging
    return rep.redirect("/settings")
  }

  // Exchange the authorization code for an access token
  const response = await fetch("https://discord.com/api/oauth2/token", {
    body: new URLSearchParams({
      client_id: clientid,
      client_secret: secret,
      code,
      grant_type: "authorization_code",
      redirect_uri: `http://mete0r.xyz/settings/authenticate`,
      scope: "identify",
    }),
    method: "POST",
    headers: {
      "Content-Type": "application/x-www-form-urlencoded",
    },
  })
  const son = await response.json()
  //console.log(son)
  //console.log(son["access_token"])
  if (!response.ok || !son["access_token"]) {
    // Token exchange failed (bad or reused code): nothing to link
    return rep.redirect("/settings")
  }

  // Look up the Discord account the token belongs to
  const resp2 = await fetch("https://discord.com/api/users/@me", {
    headers: {
      authorization: `${son["token_type"]} ${son["access_token"]}`,
    },
  })
  const final = await resp2.json()
  const dcid = final.id
  //console.log(dcid)
  if (!resp2.ok || !dcid) {
    // Without an id, BigInt(dcid) below would throw
    return rep.redirect("/settings")
  }

  const user = await User.findOne({ discordid: dcid }) /*.lean()*/
  if (user) {
    return rep.redirect("/settings?error=alreadyused")
  }

  // Discord ids are snowflakes: the bits above the low 22 hold the creation
  // time in milliseconds since the Discord epoch (1420070400000)
  const milliseconds = BigInt(dcid) >> 22n
  if (
    new Date(Number(milliseconds) + 1420070400000) >
      Date.now() - 1000 * 60 * 60 * 24 * 7 * 4 ===
    true
  ) {
    // 1 month
    return rep.redirect("/settings?error=toonew")
  }

  req.userdocument.discordid = dcid.toString()
  req.userdocument.markModified("discordid")
  await req.userdocument.save()
  rep.redirect("/settings")
})

/*router.get("/unlink", requireAuth,async (req, res) => {
    req.userdocument.discordid = undefined
    req.userdocument.markModified('discordid')
    await req.userdocument.save()
    res.redirect('/settings')
})*/

// Start TOTP enrolment: generate a secret and return it as a QR code
router.get("/2fa", requireAuth, async (req, res) => {
  if (req.userdocument.twofasecrets) {
    const json = JSON.parse(req.userdocument.twofasecrets)
    if (json.verified === true) {
      return res.json({
        status: "success",
        message: "2FA already set sorry.",
      })
    } else {
      // basically if they haven't verified that they know the secret before we will just remove it for them
      req.userdocument.twofasecrets = undefined
      req.userdocument.markModified("twofasecrets")
      // awaited so this save cannot overlap the one below
      await req.userdocument.save()
    }
  }
  const secret = speakeasy.generateSecret({
    name: "Meteorite",
  })
  // toDataURL returns a promise when no callback is passed, so a QR encoding
  // error rejects here instead of being silently ignored
  const data = await qrcode.toDataURL(secret.otpauth_url)
  req.userdocument.twofasecrets = JSON.stringify({
    secret: secret.ascii,
    verified: false,
  })
  req.userdocument.markModified("twofasecrets")
  await req.userdocument.save()
  return res.json({
    status: "success",
    message: "2FA set please verify to complete.",
    qrcode: data,
  })
})

// Finish TOTP enrolment: the user proves possession of the secret
router.post("/verify2fa", requireAuth, async (req, res) => {
  const { code } = req.body
  if (typeof code !== "string") {
    return res.json({ status: "error", error: "Invalid 2FA Code" })
  }
  if (!req.userdocument.twofasecrets) {
    // No enrolment in progress: answer instead of leaving the request hanging
    return res.json({ status: "error", error: "2FA not set up" })
  }
  const json = JSON.parse(req.userdocument.twofasecrets)
  if (json.verified === true) {
    return res.json({
      status: "success",
      message: "2FA already set sorry.",
    })
  } else {
    const valid = speakeasy.totp.verify({
      secret: json.secret,
      encoding: "ascii",
      token: code,
    })
    if (valid === false) {
      return res.json({ status: "error", error: "Invalid 2FA Code" })
    } else {
      json.verified = true
      req.userdocument.twofasecrets = JSON.stringify(json)
      req.userdocument.markModified("twofasecrets")
      await req.userdocument.save()
      return res.json({ status: "success", message: "2FA verified." })
    }
  }
})

router.post("/setbio", requireAuth, async (req, res) => {
  const { bio } = req.body
  if (typeof bio !== "string") {
    return res.json({ status: "error", error: "Bio not sent" })
  }
  if (bio.length > 100) {
    return res.json({ status: "error", error: "Length over 100." })
  }
  req.userdocument.bio = xss(bio)
  req.userdocument.markModified("bio")
  // awaited so "Done." is only sent once the write has succeeded
  await req.userdocument.save()
  return res.json({ status: "success", message: "Done." })
})

router.post("/changecss", requireAuth, async (req, res) => {
  const { customcss } = req.body
  if (typeof customcss !== "string") {
    return res.json({ status: "error", error: "Bio not sent" })
  }
  if (customcss.length > 5000) {
    return res.json({ status: "error", error: "Length over 5000." })
  }
  // NOTE: xss() filters HTML, it is not a CSS sanitizer; the stylesheet
  // itself is stored as the user wrote it.
  req.userdocument.css = xss(customcss)
  req.userdocument.markModified("css")
  await req.userdocument.save()
  return res.json({ status: "success", message: "Done." })
})

router.post("/aboutme", requireAuth, async (req, res) => {
  const { about } = req.body
  if (typeof about !== "string") {
    return res.json({ status: "error", error: "Bio not sent" })
  }
  if (about.length > 200) {
    return res.json({ status: "error", error: "Length over 200." })
  }
  req.userdocument.aboutme = xss(about)
  req.userdocument.markModified("aboutme")
  await req.userdocument.save()
  return res.json({ status: "success", message: "Done." })
})

module.exports = router