import { verifyJWT } from '../middleware/auth';
import { captchaPlugins } from '../middleware/captcha';
import { createErrorResponse, createSuccessResponse } from '../utils';

export async function onRequestGet(context) {
  try {
    const { env } = context;

    // Get the messages from D1
    const { results } = await env.DB.prepare("SELECT messages.id, userId, username, message, timestamp, users.avatar FROM messages LEFT JOIN users ON users.id = messages.userId ORDER BY timestamp DESC").all();

    return createSuccessResponse({ messages: results });
  } catch (error) {
    console.error("Get messages error:", error);
    return createErrorResponse("Get messages failed", 500);
  }
}

export const onRequestPost = [
  ...captchaPlugins,
  async (context) => {
    try {
      const { request, env } = context;

      // Verify the JWT token
      const authResult = await verifyJWT(context);
      if (authResult) {
        return authResult; // Return the error response from the middleware
      }

      let payload;

      try {
        const formData = await request.formData();
        payload = JSON.parse(formData.get('payload'));
      } catch (e) {
        console.error("Payload parsing error:", e);
        return createErrorResponse("Invalid payload", 400);
      }

      const { message } = payload;

      if (!message) {
        return createErrorResponse("Empty message", 400);
      }

        if (message.length > 200) {
          return createErrorResponse("Message too long", 400);
        }

        // Generate a unique ID for the message
        const messageId = crypto.randomUUID();

        // Store the message in D1
        await env.DB.prepare("INSERT INTO messages (id, userId, message) VALUES (?, ?, ?)")
          .bind(messageId, context.user.userId, message)
          .run();

        return new Response(JSON.stringify({ id: messageId, username: context.user.username, message }), {
          headers: { 'Content-Type': 'application/json' },
        });
    } catch (error) {
      console.error("Message posting error:", error);
      return createErrorResponse("Message posting failed", 500);
    }
  },
];

export async function onRequestDelete(context) {
  try {
    const { request, env } = context;

    // Verify the JWT token
    const authResult = await verifyJWT(context);
    if (authResult) {
      return authResult; // Return the error response from the middleware
    }

    const { messageId } = await request.json();

    if (!messageId) {
      return new Response(JSON.stringify({"error": "Missing messageId"}), {
        status: 400,
        headers: { 'Content-Type': 'application/json' },
      });
    }

    // Check if the message exists
    const { results } = await env.DB.prepare("SELECT * FROM messages WHERE id = ?").bind(messageId).all();
    if (results.length === 0) {
      return createErrorResponse("Message not found", 404);
    }

    // Check if the user is the owner of the message
    const message = results[0];
    if (message.userId !== context.user.userId) {
      return createErrorResponse("Unauthorized", 403);
    }

    // Delete the message from D1
    await env.DB.prepare("DELETE FROM messages WHERE id = ?").bind(messageId).run();

    return createSuccessResponse({ message: "Message deleted successfully" });
    } catch (error) {
      console.error("Message deletion error:", error);
      return createErrorResponse("Message deletion failed", 500);
    }
}