const { generateToken } = require('./csrf');
const database = require('./database');
const crypto = require("crypto");

async function PersistSession(req, res, next) {
    req.session.visited = true;
    res.locals.nonce = crypto.randomBytes(16).toString('base64');

    const isLoggedIn = req.session.isLoggedIn;

    if(isLoggedIn) {
        const userId = req.session.userId;
        const username = req.session.username;
        const power = req.session.power;

        req.session.ipAddress = req.ip;

        res.locals.isLoggedIn = isLoggedIn;
        res.locals.userId = userId;
        res.locals.username = username;
        res.locals.power = power;
        res.locals.csrfToken = generateToken(req);
    }

    next();
}

async function CreateSession(req, user) {
    return new Promise(async (resolve, reject) => {
        try {
            req.session.isLoggedIn = true;
            req.session.userId = user.id;
            req.session.username = user.username;
            req.session.power = user.power;

            resolve();
        } catch(error) {
            reject(error);
        }
    });
}

function AllowIfNotAuthenticated(req, res, next) {
    const isLoggedIn = req.session.isLoggedIn;
    if(isLoggedIn)
        return res.redirect('/');
    next();
}

function AllowIfAuthenticated(req, res, next) {
    const isLoggedIn = req.session.isLoggedIn;
    if(!isLoggedIn)
        return res.redirect('/');
    else
        next();
}

module.exports = {
    PersistSession,
    CreateSession,
    AllowIfNotAuthenticated,
    AllowIfAuthenticated
}