import { NextRequest, NextResponse } from "next/server";
import bcrypt from "bcryptjs";

import dbConnect from "@/lib/mongodb";
import { authenticate } from "@/lib/authenticate";

import User from "@/models/User";

export async function GET(request: NextRequest) {
  try {
    await dbConnect();

    const authUser = await authenticate(request);

    const user = await User.findById(authUser.userId)
      .populate("role")
      .select("-password");

    if (!user) {
      return NextResponse.json(
        {
          success: false,
          message: "User not found",
        },
        { status: 404 }
      );
    }

    return NextResponse.json(
      {
        success: true,
        data: user,
      },
      { status: 200 }
    );
  } catch (error: any) {
    return NextResponse.json(
      {
        success: false,
        message: error.message || "Unauthorized",
      },
      { status: 401 }
    );
  }
}

export async function PATCH(request: NextRequest) {
  try {
    await dbConnect();

    const authUser = await authenticate(request);

    const body = await request.json();

    const { name, phone } = body;

    const updateData: any = {};

    if (name) {
      updateData.name = name.trim();
    }

    if (phone) {
      updateData.phone = phone.trim();
    }

    const user = await User.findByIdAndUpdate(
      authUser.userId,
      updateData,
      {
        new: true,
        runValidators: true,
      }
    ).select("-password");

    return NextResponse.json(
      {
        success: true,
        message: "Profile updated successfully",
        data: user,
      },
      { status: 200 }
    );
  } catch (error: any) {
    return NextResponse.json(
      {
        success: false,
        message: error.message,
      },
      { status: 500 }
    );
  }
}

export async function PUT(request: NextRequest) {
  try {
    await dbConnect();

    const authUser = await authenticate(request);

    const body = await request.json();

    const {
      currentPassword,
      newPassword,
      confirmPassword,
    } = body;

    console.log("CURRENT PASSWORD:", currentPassword);

    if (!currentPassword) {
      return NextResponse.json(
        {
          success: false,
          message: "Current password is required",
        },
        { status: 400 }
      );
    }

    if (!newPassword) {
      return NextResponse.json(
        {
          success: false,
          message: "New password is required",
        },
        { status: 400 }
      );
    }

    if (newPassword.length < 6) {
      return NextResponse.json(
        {
          success: false,
          message: "Password must be at least 6 characters",
        },
        { status: 400 }
      );
    }

    if (newPassword !== confirmPassword) {
      return NextResponse.json(
        {
          success: false,
          message: "Passwords do not match",
        },
        { status: 400 }
      );
    }

    const user = await User.findById(authUser.userId);

    if (!user) {
      return NextResponse.json(
        {
          success: false,
          message: "User not found",
        },
        { status: 404 }
      );
    }

    const passwordMatched = await bcrypt.compare(
      currentPassword,
      user.password
    );

    if (!passwordMatched) {
      return NextResponse.json(
        {
          success: false,
          message: "Current password is incorrect",
        },
        { status: 400 }
      );
    }

    const hashedPassword = await bcrypt.hash(
      newPassword,
      10
    );

    user.password = hashedPassword;

    await user.save();

    return NextResponse.json(
      {
        success: true,
        message: "Password changed successfully",
      },
      { status: 200 }
    );
  } catch (error: any) {
    return NextResponse.json(
      {
        success: false,
        message: error.message,
      },
      { status: 500 }
    );
  }
}